Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
234 vulnerabilities found for centos by centos
VAR-201404-0592
Vulnerability from variot - Updated: 2026-04-10 23:34The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug. OpenSSL 1.0.1 and 1.0.2 beta contain a vulnerability that could disclose sensitive private information to an attacker. This vulnerability is commonly referred to as "heartbleed.". RubyGems actionpack is prone to a denial-of-service vulnerability. Remote attackers can exploit this issue to cause denial-of-service conditions. OpenSSL is a 3rd party product that is embedded with some of HP Software products. This bulletin objective is to notify HP Software customers about products affected by the Heartbleed vulnerability. This weakness potentially allows disclosure of information protected, under normal conditions, by the SSL/TLS protocol. The impacted products appear in the list below are vulnerable due to embedding OpenSSL standard release software. Each bulletin will include a patch and/or mitigation guideline.
Note: OpenSSL is an external product embedded in HP products.
Bulletin Applicability:
This bulletin applies to each OpenSSL component that is embedded within the HP products listed in the security bulletin. The bulletin does not apply to any other 3rd party application (e.g. operating system, web server, or application server) that may be required to be installed by the customer according instructions in the product install guide.
To learn more about HP Software Incident Response, please visit http://www8.h p.com/us/en/software-solutions/enterprise-software-security-center/response-c enter.html . No user action is required to install them. HP StoreEver ESL G3 Tape Libraries with MCB rev 2 OpenSSL version 1.0.1f for the following firmware versions:
671H_GS00601 665H_GS12501 663H_GS04601
HP StoreEver ESL G3 Tape Libraries with MCB rev 1 Open SSL version 1.0.1e in 655H firmware versions:
655H_GS10201
HP StoreEver Enterprise Library LTO-6 Tape Drives: all firmware versions. If the library firmware cannot be updated, HP recommends following the Mitigation Instructions below.
Mitigation Instructions
The following configuration options that allow access to the Heartbeat function in the vulnerable versions of OpenSSL are not enabled by default. Verify that the following options are "disabled" using the Tape Library GUI:
Product Configuration Options to Disable TLS Heartbeat Functions
Secure SMI-S CVTL User
Note: Disabling these features blocks the vulnerable OpenSSL function in both the ESL G3 Tape Library and the StoreEver Enterprise Library LTO-6 Tape Drives. The basic functionality of the library is not affected by these configuration changes and SSL access to the user interface is not affected by this configuration change or setting. ============================================================================ Ubuntu Security Notice USN-2165-1 April 07, 2014
openssl vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 13.10
- Ubuntu 12.10
- Ubuntu 12.04 LTS
Summary:
OpenSSL could be made to expose sensitive information over the network, possibly including private keys.
Software Description: - openssl: Secure Socket Layer (SSL) cryptographic library and tools
Details:
Neel Mehta discovered that OpenSSL incorrectly handled memory in the TLS heartbeat extension. (CVE-2014-0160)
Yuval Yarom and Naomi Benger discovered that OpenSSL incorrectly handled timing during swap operations in the Montgomery ladder implementation. An attacker could use this issue to perform side-channel attacks and possibly recover ECDSA nonces. (CVE-2014-0076)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 13.10: libssl1.0.0 1.0.1e-3ubuntu1.2
Ubuntu 12.10: libssl1.0.0 1.0.1c-3ubuntu2.7
Ubuntu 12.04 LTS: libssl1.0.0 1.0.1-4ubuntu5.12
After a standard system update you need to reboot your computer to make all the necessary changes. Since this issue may have resulted in compromised private keys, it is recommended to regenerate them.
Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/openssl-1.0.1g-i486-1_slack14.1.txz: Upgraded. Thanks for Neel Mehta of Google Security for discovering this bug and to Adam Langley agl@chromium.org and Bodo Moeller bmoeller@acm.org for preparing the fix. Fix for the attack described in the paper "Recovering OpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack" by Yuval Yarom and Naomi Benger. Details can be obtained from: http://eprint.iacr.org/2014/140 For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076 ( Security fix ) patches/packages/openssl-solibs-1.0.1g-i486-1_slack14.1.txz: Upgraded. +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated packages for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1g-i486-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1g-i486-1_slack14.0.txz
Updated packages for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1g-x86_64-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1g-x86_64-1_slack14.0.txz
Updated packages for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1g-i486-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1g-i486-1_slack14.1.txz
Updated packages for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1g-x86_64-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1g-x86_64-1_slack14.1.txz
Updated packages for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.1g-i486-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.1g-i486-1.txz
Updated packages for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.1g-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.1g-x86_64-1.txz
MD5 signatures: +-------------+
Slackware 14.0 packages: 5467a62ebfbe9a9bfff64dcc4cfcdf7d openssl-1.0.1g-i486-1_slack14.0.txz bdadd9920f2ce6fe4a0a7bd0d96f99df openssl-solibs-1.0.1g-i486-1_slack14.0.txz
Slackware x86_64 14.0 packages: 11ede2992e2b5d15bd3ffc5807571350 openssl-1.0.1g-x86_64-1_slack14.0.txz 858ea6409aab45a67a880458ce48f923 openssl-solibs-1.0.1g-x86_64-1_slack14.0.txz
Slackware 14.1 packages: 8638083d9768ffcc4b7c597806ca634c openssl-1.0.1g-i486-1_slack14.1.txz 4d9dfe9db9e1f286ead72fc60971807b openssl-solibs-1.0.1g-i486-1_slack14.1.txz
Slackware x86_64 14.1 packages: d85f8f451f71dd606f3adb59e582322a openssl-1.0.1g-x86_64-1_slack14.1.txz 43ff4bbfe26f99e7a3b9145146d191a0 openssl-solibs-1.0.1g-x86_64-1_slack14.1.txz
Slackware -current packages: 265a66855320207d4a7567ac5ae9a747 a/openssl-solibs-1.0.1g-i486-1.txz bf07a4b17f1c78a4081e2cfb711b8748 n/openssl-1.0.1g-i486-1.txz
Slackware x86_64 -current packages: 27e5135d764bd87bdb784b288e416b22 a/openssl-solibs-1.0.1g-x86_64-1.txz 5ef747eed99ac34102b34d8d0eaed3a8 n/openssl-1.0.1g-x86_64-1.txz
Installation instructions: +------------------------+
Upgrade the packages as root:
upgradepkg openssl-1.0.1g-i486-1_slack14.1.txz openssl-solibs-1.0.1g-i486-1_slack14.1.txz
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. If bulk software or firmware updates are required, use an unaffected or patched version of HP Smart Update Manager (HP SUM) to do single or batch updates. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: rhevm-spice-client security update Advisory ID: RHSA-2014:0416-01 Product: Red Hat Enterprise Virtualization Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-0416.html Issue date: 2014-04-17 CVE Names: CVE-2012-4929 CVE-2013-0169 CVE-2013-4353 CVE-2014-0160 =====================================================================
- Summary:
Updated rhevm-spice-client packages that fix multiple security issues are now available for Red Hat Enterprise Virtualization Manager 3.
The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
RHEV-M 3.3 - noarch
- Description:
Red Hat Enterprise Virtualization Manager provides access to virtual machines using SPICE. These SPICE client packages provide the SPICE client and usbclerk service for both Windows 32-bit operating systems and Windows 64-bit operating systems.
The rhevm-spice-client package includes the mingw-virt-viewer Windows SPICE client. OpenSSL, a general purpose cryptography library with a TLS implementation, is bundled with mingw-virt-viewer. The mingw-virt-viewer package has been updated to correct the following issues:
An information disclosure flaw was found in the way OpenSSL handled TLS and DTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server could send a specially crafted TLS or DTLS Heartbeat packet to disclose a limited portion of memory per request from a connected client or server. (CVE-2014-0160)
It was discovered that OpenSSL leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL or DTLS server as a padding oracle. (CVE-2013-0169)
A NULL pointer dereference flaw was found in the way OpenSSL handled TLS/SSL protocol handshake packets. A specially crafted handshake packet could cause a TLS/SSL client using OpenSSL to crash. (CVE-2013-4353)
It was discovered that the TLS/SSL protocol could leak information about plain text when optional compression was used. An attacker able to control part of the plain text sent over an encrypted TLS/SSL connection could possibly use this flaw to recover other portions of the plain text. (CVE-2012-4929)
Red Hat would like to thank the OpenSSL project for reporting CVE-2014-0160. Upstream acknowledges Neel Mehta of Google Security as the original reporter.
The updated mingw-virt-viewer Windows SPICE client further includes OpenSSL security fixes that have no security impact on mingw-virt-viewer itself. The security fixes included in this update address the following CVE numbers:
CVE-2013-6449, CVE-2013-6450, CVE-2012-2686, and CVE-2013-0166
All Red Hat Enterprise Virtualization Manager users are advised to upgrade to these updated packages, which address these issues.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
857051 - CVE-2012-4929 SSL/TLS CRIME attack against HTTPS 907589 - CVE-2013-0169 SSL/TLS: CBC padding timing attack (lucky-13) 1049058 - CVE-2013-4353 openssl: client NULL dereference crash on malformed handshake packets 1084875 - CVE-2014-0160 openssl: information disclosure in handling of TLS heartbeat extension packets
- Package List:
RHEV-M 3.3:
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/RHEV/SRPMS/rhevm-spice-client-3.3-12.el6_5.src.rpm
noarch: rhevm-spice-client-x64-cab-3.3-12.el6_5.noarch.rpm rhevm-spice-client-x64-msi-3.3-12.el6_5.noarch.rpm rhevm-spice-client-x86-cab-3.3-12.el6_5.noarch.rpm rhevm-spice-client-x86-msi-3.3-12.el6_5.noarch.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2012-4929.html https://www.redhat.com/security/data/cve/CVE-2013-0169.html https://www.redhat.com/security/data/cve/CVE-2013-4353.html https://www.redhat.com/security/data/cve/CVE-2014-0160.html https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc.
The HP SIM software itself is not vulnerable to CVE-2014-0160 ("Heartbleed"). -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04239372
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04239372 Version: 4
HPSBMU02998 rev.4 - HP System Management Homepage (SMH) running OpenSSL on Linux and Windows, Remote Disclosure of Information, Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2014-04-13 Last Updated: 2014-05-13
Potential Security Impact: Remote disclosure of information, Denial of Service (DoS)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux and Windows. The vulnerabilities could be exploited remotely resulting in Denial of Service (DoS).
References:
CVE-2014-0160 (SSRT101501) Disclosure of Information - "Heartbleed" CVE-2013-4353 Denial of Service (DoS) CVE-2013-6449 Denial of Service (DoS) CVE-2013-6450 Denial of Service (DoS)
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP System Management Homepage (SMH) v7.1.2, v7.2, v7.2.1, v7.2.2, v7.3, v7.3.1 for Linux and Windows.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2013-4353 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2013-6449 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2013-6450 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8 CVE-2014-0160 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has made the following software updates available to resolve the vulnerabilities for the impacted versions of HP System Management Homepage (SMH):
Product version/Platform Download Location
SMH 7.2.3 Windows x86 http://www.hp.com/swpublishing/MTX-d1488fd987894bc4ab3fe0ef52
SMH 7.2.3 Windows x64 http://www.hp.com/swpublishing/MTX-4575754bbb614b58bf0ae1ac37
SMH 7.3.2.1(B) Windows x86 http://www.hp.com/swpublishing/MTX-27e03b2f9cd24e77adc9dba94a
SMH 7.3.2.1(B) Windows x64 http://www.hp.com/swpublishing/MTX-37075daeead2433cb41b59ae76
SMH 7.3.2 Linux x86 http://www.hp.com/swpublishing/MTX-3d92ccccf85f404e8ba36a8178
SMH 7.3.2 Linux x64 http://www.hp.com/swpublishing/MTX-bfd3c0fb11184796b9428ced37
Notes
SMH 7.2.3 recommended for customers running Windows 2003 OS Updated OpenSSL to version 1.0.1g
Note: If you believe your SMH installation was exploited while it was running components vulnerable to heartbleed, there are some steps to perform after youve upgraded to the non-vulnerable components. These steps include revoking, recreating, and re-importing certificates and resetting passwords that might have been harvested by a malicious attacker using the heartbleed vulnerability.
Impact on VCA - VCRM communication: VCA configures VCRM by importing the SMH certificate from the SMH of VCA into the SMH of VCRM. When this certificate is deleted & regenerated (as suggested before), it needs to be (re)imported if the user wants to continue with Trust by Certificate option, and the outdated certificate should be revoked (deleted) from each location where it was previously imported. If you use HPSIMs 2-way trust feature, and have imported SMH certificates into HPSIM, you will also need to revoke those SMH certificated from HPSIM and reimport the newly created SMH certificates. Though SMH uses OS credentials using OS-based APIs, user provided credentials are passed from the client (browser) to the server (SMH) using the HTTPS protocol. If you suspect your systems using SMH were exploited while they were vulnerable to heartbleed, these passwords need to be reset.
Frequently Asked Questions
Will updated systems require a reboot after applying the SMH patch? No, reboot of the system will not be required. Installing the new build is sufficient to get back to the normal state. Is a Firmware Update necessary in addition to the SMH patch? No, only the SMH update is sufficient to remove the heartbleed-vulnerable version of SMH. Will new certificates be issued along with the patch, or need to be handled separately? If you suspect the certificate has been compromised due to this vulnerability, we do recommend to delete and revoke the certificate, or SMH will reuse the existing certificate. New certificate will be created when SMH service starts (at the end of the fresh / upgrade installation). Instructions on deleting the certificate are in the notes above. Where can I get SMH documentation? All major documents are available at: http://h17007.www1.hp.com/us/en/enterprise/servers/solutions/info-library Select HP Insight Management under Product and Solutions & check HP System Management Homepage to get SMH related documents.
What are the recommended upgrade paths? See the table below: SMH DVD SPP Recommended SMH update for Linux Recommended SMH update for Windows 2003 and Widows 2003 R2 Recommended SMH update for other Windows OS versions
v7.1.2 v7.1.2 2012.10.0 v7.3.2 v7.2.3 v7.3.2
v7.2.0 v7.2.0 2013.02.0(B) v7.3.2 v7.2.3 v7.3.2
v7.2.1 v7.2u1
v7.3.2 v7.2.3 v7.3.2
v7.2.2 v7.2u2 2013.09.0(B) v7.3.2 v7.2.3 v7.3.2
v7.3.0 v7.3.0
v7.3.2 not supported v7.3.2
v7.3.1 v7.3.1 2014.02.0 v7.3.2 not supported v7.3.2
How can I verify whether my setup is patched successfully? SMH version can be verified by executing following command on: Windows: hp\hpsmh\bin\smhlogreader version Linux: /opt/hp/hpsmh/bin/smhlogreader version Will VCA-VCRM communication be impacted due to the SMH certificate being deleted? VCA configures VCRM by importing the SMH certificate (sslshare\cert.pem) from the SMH of VCA to the SMH of VCRM. When this certificate is deleted & regenerated (as suggested before), it needs to be (re)imported if user wants to continue with Trust by Certificate option, and remove the old, previously imported certificate. Should I reset password on all managed nodes, where SMH was/is running? Though SMH uses OS credentials using OS based APIs, user-provided credentials are passed from the client (browser) to the server (SMH) using the HTTPS protocol. Passwords need to be reset if you suspect the vulnerable version of SMH was exploited by malicious users/ hackers.
HISTORY Version:1 (rev.1) - 13 April 2014 Initial release Version:2 (rev.2) - 17 April 2014 SMH 7.2.3 and 7.3.2 released Version:3 (rev.3) - 30 April 2014 SMH 7.3.2.1(B) released Version:4 (rev.4) - 13 May 2014 Added additional remediation steps for post update installation
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2014 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux)
iEYEARECAAYFAlNyLMAACgkQ4B86/C0qfVm6RQCg4JuHEt+iZq+td37hPIp27qrd fm4AoKM1d7+F05Xo87Bicnmh0OHidg/O =bK11 -----END PGP SIGNATURE----- . This bulletin will give you the information needed to update your HP Insight Control server deployment solution.
Install HP Management Agents for Windows x86/x64 Install HP Management Agents for RHEL 5 x64 Install HP Management Agents for RHEL 6 x64 Install HP Management Agents for SLES 10 x64 Install HP Management Agents for SLES 11 x64
References: CVE-2014-0160 (SSRT101538)
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP Insight Control server deployment v7.1.2, v7.2.0, v7.2.1, v7.2.2
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2014-0160 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP is actively working to address this vulnerability for the impacted versions of HP Insight Control server deployment. This bulletin may be revised. It is recommended that customers take the following approaches depending on the version of HP Insight Control server deployment:
To address the vulnerability in an initial installation of HP Insight Control server deployment v7.1.2, v7.2.0, v7.2.1, and v7.2.2 only follow steps 1 through Step 3 of the following procedure, before initiating an operating system deployment.
To address the vulnerability in a previous installation of HP Insight Control server deployment v7.1.2, v7.2.0, v7.2.1, and v7.2.2 follow all steps in the following procedure.
Delete the smhamd64-.exe/smhx86-.exe" from Component Copy Location listed in the following table, row 1,2,3,4. Delete the affected hpsmh-7.*.rpm" from Component Copy Location listed in the following table, row 5. In sequence, perform the steps from left to right in the following table. First, download components from Download Link; Second, rename the component as suggested in Rename to. Third, copy the component to the location suggested in Component Copy Location. Table Row Number Download Link Rename to Component Copy Location
1 http://www.hp.com/swpublishing/MTX-d1488fd987894bc4ab3fe0ef52 smhx86-cp023242.exe \express\hpfeatures\hpagents-ws\components\Win2003
2 http://www.hp.com/swpublishing/MTX-4575754bbb614b58bf0ae1ac37 smhamd64-cp023243.exe \express\hpfeatures\hpagents-ws\components\Win2003
3 http://www.hp.com/swpublishing/MTX-2e19c856f0e84e20a14c63ecd0 smhamd64-cp023240.exe \express\hpfeatures\hpagents-ws\components\Win2008
4 http://www.hp.com/swpublishing/MTX-41199f68c1144acb84a5798bf0 smhx86-cp023239.exe \express\hpfeatures\hpagents-ws\components\Win2008
5 http://www.hp.com/swpublishing/MTX-bfd3c0fb11184796b9428ced37 Do not rename the downloaded component for this step. \express\hpfeatures\hpagents-sles11-x64\components \express\hpfeatures\hpagents-sles10-x64\components \express\hpfeatures\hpagents-rhel5-x64\components \express\hpfeatures\hpagents-rhel6-x64\components
Table 1
Initiate Install HP Management Agents for SLES 11 x64 on targets running SLES11 x64. Initiate Install HP Management Agents for SLES 10 x64 on targets running SLES10 x64. Initiate Install HP Management Agents for RHEL 6 x64 on targets running RHEL 6 x64. Initiate Install HP Management Agents for RHEL 5 x64 on targets running RHEL 5 x64
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "mivoice",
"scope": "eq",
"trust": 1.0,
"vendor": "mitel",
"version": "1.3.2.2"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.04"
},
{
"_id": null,
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "20"
},
{
"_id": null,
"model": "v60",
"scope": "eq",
"trust": 1.0,
"vendor": "intellian",
"version": "1.15"
},
{
"_id": null,
"model": "s9922l",
"scope": "eq",
"trust": 1.0,
"vendor": "ricon",
"version": "16.10.3\\(3794\\)"
},
{
"_id": null,
"model": "micollab",
"scope": "eq",
"trust": 1.0,
"vendor": "mitel",
"version": "7.0"
},
{
"_id": null,
"model": "mivoice",
"scope": "eq",
"trust": 1.0,
"vendor": "mitel",
"version": "1.1.2.5"
},
{
"_id": null,
"model": "gluster storage",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "application processing engine",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "2.0"
},
{
"_id": null,
"model": "v100",
"scope": "eq",
"trust": 1.0,
"vendor": "intellian",
"version": "1.24"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "openssl",
"scope": "lt",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1g"
},
{
"_id": null,
"model": "simatic s7-1500",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "1.5"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "12.3"
},
{
"_id": null,
"model": "splunk",
"scope": "gte",
"trust": 1.0,
"vendor": "splunk",
"version": "6.0.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "7.0"
},
{
"_id": null,
"model": "micollab",
"scope": "eq",
"trust": 1.0,
"vendor": "mitel",
"version": "6.0"
},
{
"_id": null,
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.5"
},
{
"_id": null,
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "19"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.10"
},
{
"_id": null,
"model": "mivoice",
"scope": "eq",
"trust": 1.0,
"vendor": "mitel",
"version": "1.1.3.3"
},
{
"_id": null,
"model": "symantec messaging gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "10.6.1"
},
{
"_id": null,
"model": "virtualization",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "openssl",
"scope": "gte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "v100",
"scope": "eq",
"trust": 1.0,
"vendor": "intellian",
"version": "1.20"
},
{
"_id": null,
"model": "v60",
"scope": "eq",
"trust": 1.0,
"vendor": "intellian",
"version": "1.25"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "13.10"
},
{
"_id": null,
"model": "cp 1543-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "1.1"
},
{
"_id": null,
"model": "wincc open architecture",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "3.12"
},
{
"_id": null,
"model": "micollab",
"scope": "eq",
"trust": 1.0,
"vendor": "mitel",
"version": "7.3.0.104"
},
{
"_id": null,
"model": "splunk",
"scope": "lt",
"trust": 1.0,
"vendor": "splunk",
"version": "6.0.3"
},
{
"_id": null,
"model": "mivoice",
"scope": "eq",
"trust": 1.0,
"vendor": "mitel",
"version": "1.2.0.11"
},
{
"_id": null,
"model": "elan-8.2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "8.3.3"
},
{
"_id": null,
"model": "micollab",
"scope": "eq",
"trust": 1.0,
"vendor": "mitel",
"version": "7.2"
},
{
"_id": null,
"model": "storage",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.5"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "server",
"scope": "lt",
"trust": 1.0,
"vendor": "filezilla",
"version": "0.9.44"
},
{
"_id": null,
"model": "micollab",
"scope": "eq",
"trust": 1.0,
"vendor": "mitel",
"version": "7.1"
},
{
"_id": null,
"model": "simatic s7-1500t",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "1.5"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "mivoice",
"scope": "eq",
"trust": 1.0,
"vendor": "mitel",
"version": "1.4.0.102"
},
{
"_id": null,
"model": "v100",
"scope": "eq",
"trust": 1.0,
"vendor": "intellian",
"version": "1.21"
},
{
"_id": null,
"model": "symantec messaging gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "10.6.0"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "13.1"
},
{
"_id": null,
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.5"
},
{
"_id": null,
"model": "micollab",
"scope": "eq",
"trust": 1.0,
"vendor": "mitel",
"version": "7.3"
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "amazon",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "arch linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "aruba",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmate",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "bee ware",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian gnu linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "extreme",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fedora",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "global associates",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva s a",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "marklogic",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mcafee",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nvidia",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openvpn",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "slackware linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sophos",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "symantec",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubuntu",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "unisys",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "watchguard",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "wind river",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nginx",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opensuse",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "pfsense",
"version": null
},
{
"_id": null,
"model": "studio onsite",
"scope": "eq",
"trust": 0.6,
"vendor": "suse",
"version": "1.3"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.6,
"vendor": "s u s e",
"version": "13.1"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.6,
"vendor": "s u s e",
"version": "12.3"
},
{
"_id": null,
"model": "software collections for rhel",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "0"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.6,
"vendor": "puppetlabs",
"version": "3.1"
},
{
"_id": null,
"model": "chef",
"scope": "eq",
"trust": 0.6,
"vendor": "opscode",
"version": "11.1.2"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.6,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.6,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.6,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.6,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.6,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.6,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.6,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.6,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "chef",
"scope": "ne",
"trust": 0.6,
"vendor": "opscode",
"version": "11.1.3"
},
{
"_id": null,
"model": "webyast",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "1.3"
},
{
"_id": null,
"model": "lifecycle management server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "1.3"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "12.2"
},
{
"_id": null,
"model": "actionpack",
"scope": "eq",
"trust": 0.3,
"vendor": "rubygems",
"version": "3.0"
},
{
"_id": null,
"model": "actionpack",
"scope": "eq",
"trust": 0.3,
"vendor": "rubygems",
"version": "4.0.1"
},
{
"_id": null,
"model": "actionpack",
"scope": "eq",
"trust": 0.3,
"vendor": "rubygems",
"version": "3.2.15"
},
{
"_id": null,
"model": "openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"_id": null,
"model": "actionpack",
"scope": "ne",
"trust": 0.3,
"vendor": "rubygems",
"version": "4.0.2"
},
{
"_id": null,
"model": "actionpack",
"scope": "ne",
"trust": 0.3,
"vendor": "rubygems",
"version": "3.2.16"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "3.1.1"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.1.7"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.1.5"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "1.1"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.0.10"
},
{
"_id": null,
"model": "on rails ruby on rails 3.1.0.rc5",
"scope": null,
"trust": 0.3,
"vendor": "ruby",
"version": null
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "2.0.3"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "2.8.4"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.0.14"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.2.12"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.0.2"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.2"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "3.2"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.2.4"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "1.2.7"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "1.2"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.0.12"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.0"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.1.11"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.0.17"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "3.0.1"
},
{
"_id": null,
"model": "cloudforms",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.1.2"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.0.1"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.1.12"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.2.15"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "2.7.1"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.0.13"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.1"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "1.0"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "2.8.3"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.0.16"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.2.6"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.0.18"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.0.4"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "ne",
"trust": 0.3,
"vendor": "ruby",
"version": "3.2.17"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.0.7"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "2.8.0"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "2.5.2"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.0.6"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.2.7"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.0.8"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "3.0"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.0.20"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "3.1.2"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "2.5.1"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "3.1.1"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.1.6"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.1.4"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "2.6"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.0.5"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "3.1.3"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "2.7.2"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.1.9"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.2.16"
},
{
"_id": null,
"model": "on rails ruby on rails 3.1.0.rc6",
"scope": null,
"trust": 0.3,
"vendor": "ruby",
"version": null
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.1.8"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "2.0"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.0.11"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "2.0.2"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.0.3"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.0.19"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.2.13"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.2.11"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.2.8"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.2.10"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.2.2"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "2.8.2"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "2.7"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#720951"
},
{
"db": "BID",
"id": "64074"
},
{
"db": "BID",
"id": "65604"
},
{
"db": "NVD",
"id": "CVE-2014-0160"
}
]
},
"credits": {
"_id": null,
"data": "HP",
"sources": [
{
"db": "PACKETSTORM",
"id": "126605"
},
{
"db": "PACKETSTORM",
"id": "126954"
},
{
"db": "PACKETSTORM",
"id": "126284"
},
{
"db": "PACKETSTORM",
"id": "126361"
},
{
"db": "PACKETSTORM",
"id": "126417"
},
{
"db": "PACKETSTORM",
"id": "126305"
},
{
"db": "PACKETSTORM",
"id": "126644"
},
{
"db": "PACKETSTORM",
"id": "126164"
},
{
"db": "PACKETSTORM",
"id": "127279"
},
{
"db": "PACKETSTORM",
"id": "127085"
},
{
"db": "PACKETSTORM",
"id": "126784"
}
],
"trust": 1.1
},
"cve": "CVE-2014-0160",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2014-0160",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 5.0,
"collateralDamagePotential": "LOW-MEDIUM",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "HIGH",
"enviromentalScore": 6.5,
"exploitability": "FUNCTIONAL",
"exploitabilityScore": 10.0,
"id": "CVE-2014-0160",
"impactScore": 2.9,
"integrityImpact": "NONE",
"integrityRequirement": "HIGH",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "OFFICIAL FIX",
"reportConfidence": "CONFIRMED",
"severity": "MEDIUM",
"targetDistribution": "HIGH",
"trust": 0.8,
"userInteractionRequired": null,
"vector_string": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2014-0160",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-0160",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2014-0160",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-0160",
"trust": 0.8,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2014-0160",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#720951"
},
{
"db": "VULMON",
"id": "CVE-2014-0160"
},
{
"db": "NVD",
"id": "CVE-2014-0160"
},
{
"db": "NVD",
"id": "CVE-2014-0160"
}
]
},
"description": {
"_id": null,
"data": "The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug. OpenSSL 1.0.1 and 1.0.2 beta contain a vulnerability that could disclose sensitive private information to an attacker. This vulnerability is commonly referred to as \"heartbleed.\". RubyGems actionpack is prone to a denial-of-service vulnerability. \nRemote attackers can exploit this issue to cause denial-of-service conditions. \nOpenSSL is a 3rd party product that is embedded with some of HP Software\nproducts. This bulletin objective is to notify HP Software customers about\nproducts affected by the Heartbleed vulnerability. This weakness\npotentially allows disclosure of information protected, under normal\nconditions, by the SSL/TLS protocol. The impacted products appear in the list\nbelow are vulnerable due to embedding OpenSSL standard release software. Each bulletin will include a patch and/or mitigation\nguideline. \n\nNote: OpenSSL is an external product embedded in HP products. \n\nBulletin Applicability:\n\nThis bulletin applies to each OpenSSL component that is embedded within the\nHP products listed in the security bulletin. The bulletin does not apply to\nany other 3rd party application (e.g. operating system, web server, or\napplication server) that may be required to be installed by the customer\naccording instructions in the product install guide. \n\nTo learn more about HP Software Incident Response, please visit http://www8.h\np.com/us/en/software-solutions/enterprise-software-security-center/response-c\nenter.html . No user action is\nrequired to install them. \nHP StoreEver ESL G3 Tape Libraries with MCB rev 2 OpenSSL version 1.0.1f for\nthe following firmware versions:\n\n671H_GS00601\n665H_GS12501\n663H_GS04601\n\nHP StoreEver ESL G3 Tape Libraries with MCB rev 1 Open SSL version 1.0.1e in\n655H firmware versions:\n\n655H_GS10201\n\nHP StoreEver Enterprise Library LTO-6 Tape Drives: all firmware versions. \nIf the library firmware cannot be updated, HP recommends following the\nMitigation Instructions below. \n\nMitigation Instructions\n\nThe following configuration options that allow access to the Heartbeat\nfunction in the vulnerable versions of OpenSSL are not enabled by default. \nVerify that the following options are \"disabled\" using the Tape Library GUI:\n\nProduct Configuration Options to Disable TLS Heartbeat Functions\n\nSecure SMI-S\nCVTL User\n\nNote: Disabling these features blocks the vulnerable OpenSSL function in both\nthe ESL G3 Tape Library and the StoreEver Enterprise Library LTO-6 Tape\nDrives. The basic functionality of the library is not affected by these\nconfiguration changes and SSL access to the user interface is not affected by\nthis configuration change or setting. ============================================================================\nUbuntu Security Notice USN-2165-1\nApril 07, 2014\n\nopenssl vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 13.10\n- Ubuntu 12.10\n- Ubuntu 12.04 LTS\n\nSummary:\n\nOpenSSL could be made to expose sensitive information over the network,\npossibly including private keys. \n\nSoftware Description:\n- openssl: Secure Socket Layer (SSL) cryptographic library and tools\n\nDetails:\n\nNeel Mehta discovered that OpenSSL incorrectly handled memory in the TLS\nheartbeat extension. (CVE-2014-0160)\n\nYuval Yarom and Naomi Benger discovered that OpenSSL incorrectly handled\ntiming during swap operations in the Montgomery ladder implementation. An\nattacker could use this issue to perform side-channel attacks and possibly\nrecover ECDSA nonces. (CVE-2014-0076)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 13.10:\n libssl1.0.0 1.0.1e-3ubuntu1.2\n\nUbuntu 12.10:\n libssl1.0.0 1.0.1c-3ubuntu2.7\n\nUbuntu 12.04 LTS:\n libssl1.0.0 1.0.1-4ubuntu5.12\n\nAfter a standard system update you need to reboot your computer to make all\nthe necessary changes. Since this issue may have resulted in compromised\nprivate keys, it is recommended to regenerate them. \n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n+--------------------------+\npatches/packages/openssl-1.0.1g-i486-1_slack14.1.txz: Upgraded. \n Thanks for Neel Mehta of Google Security for discovering this bug and to\n Adam Langley \u003cagl@chromium.org\u003e and Bodo Moeller \u003cbmoeller@acm.org\u003e for\n preparing the fix. \n Fix for the attack described in the paper \"Recovering OpenSSL\n ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack\"\n by Yuval Yarom and Naomi Benger. Details can be obtained from:\n http://eprint.iacr.org/2014/140\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076\n (* Security fix *)\npatches/packages/openssl-solibs-1.0.1g-i486-1_slack14.1.txz: Upgraded. \n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated packages for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1g-i486-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1g-i486-1_slack14.0.txz\n\nUpdated packages for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1g-x86_64-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1g-x86_64-1_slack14.0.txz\n\nUpdated packages for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1g-i486-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1g-i486-1_slack14.1.txz\n\nUpdated packages for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1g-x86_64-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1g-x86_64-1_slack14.1.txz\n\nUpdated packages for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.1g-i486-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.1g-i486-1.txz\n\nUpdated packages for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.1g-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.1g-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 14.0 packages:\n5467a62ebfbe9a9bfff64dcc4cfcdf7d openssl-1.0.1g-i486-1_slack14.0.txz\nbdadd9920f2ce6fe4a0a7bd0d96f99df openssl-solibs-1.0.1g-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 packages:\n11ede2992e2b5d15bd3ffc5807571350 openssl-1.0.1g-x86_64-1_slack14.0.txz\n858ea6409aab45a67a880458ce48f923 openssl-solibs-1.0.1g-x86_64-1_slack14.0.txz\n\nSlackware 14.1 packages:\n8638083d9768ffcc4b7c597806ca634c openssl-1.0.1g-i486-1_slack14.1.txz\n4d9dfe9db9e1f286ead72fc60971807b openssl-solibs-1.0.1g-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 packages:\nd85f8f451f71dd606f3adb59e582322a openssl-1.0.1g-x86_64-1_slack14.1.txz\n43ff4bbfe26f99e7a3b9145146d191a0 openssl-solibs-1.0.1g-x86_64-1_slack14.1.txz\n\nSlackware -current packages:\n265a66855320207d4a7567ac5ae9a747 a/openssl-solibs-1.0.1g-i486-1.txz\nbf07a4b17f1c78a4081e2cfb711b8748 n/openssl-1.0.1g-i486-1.txz\n\nSlackware x86_64 -current packages:\n27e5135d764bd87bdb784b288e416b22 a/openssl-solibs-1.0.1g-x86_64-1.txz\n5ef747eed99ac34102b34d8d0eaed3a8 n/openssl-1.0.1g-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the packages as root:\n# upgradepkg openssl-1.0.1g-i486-1_slack14.1.txz openssl-solibs-1.0.1g-i486-1_slack14.1.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address. \nIf bulk software or firmware updates are required, use an unaffected or\npatched version of HP Smart Update Manager (HP SUM) to do single or batch\nupdates. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: rhevm-spice-client security update\nAdvisory ID: RHSA-2014:0416-01\nProduct: Red Hat Enterprise Virtualization\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2014-0416.html\nIssue date: 2014-04-17\nCVE Names: CVE-2012-4929 CVE-2013-0169 CVE-2013-4353 \n CVE-2014-0160 \n=====================================================================\n\n1. Summary:\n\nUpdated rhevm-spice-client packages that fix multiple security issues are\nnow available for Red Hat Enterprise Virtualization Manager 3. \n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRHEV-M 3.3 - noarch\n\n3. Description:\n\nRed Hat Enterprise Virtualization Manager provides access to virtual\nmachines using SPICE. These SPICE client packages provide the SPICE client\nand usbclerk service for both Windows 32-bit operating systems and Windows\n64-bit operating systems. \n\nThe rhevm-spice-client package includes the mingw-virt-viewer Windows SPICE\nclient. OpenSSL, a general purpose cryptography library with a TLS\nimplementation, is bundled with mingw-virt-viewer. The mingw-virt-viewer\npackage has been updated to correct the following issues:\n\nAn information disclosure flaw was found in the way OpenSSL handled TLS and\nDTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server\ncould send a specially crafted TLS or DTLS Heartbeat packet to disclose a\nlimited portion of memory per request from a connected client or server. (CVE-2014-0160)\n\nIt was discovered that OpenSSL leaked timing information when decrypting\nTLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites\nwere used. A remote attacker could possibly use this flaw to retrieve plain\ntext from the encrypted packets by using a TLS/SSL or DTLS server as a\npadding oracle. (CVE-2013-0169)\n\nA NULL pointer dereference flaw was found in the way OpenSSL handled\nTLS/SSL protocol handshake packets. A specially crafted handshake packet\ncould cause a TLS/SSL client using OpenSSL to crash. (CVE-2013-4353)\n\nIt was discovered that the TLS/SSL protocol could leak information about\nplain text when optional compression was used. An attacker able to control\npart of the plain text sent over an encrypted TLS/SSL connection could\npossibly use this flaw to recover other portions of the plain text. \n(CVE-2012-4929)\n\nRed Hat would like to thank the OpenSSL project for reporting\nCVE-2014-0160. Upstream acknowledges Neel Mehta of Google Security as the\noriginal reporter. \n\nThe updated mingw-virt-viewer Windows SPICE client further includes OpenSSL\nsecurity fixes that have no security impact on mingw-virt-viewer itself. \nThe security fixes included in this update address the following CVE\nnumbers:\n\nCVE-2013-6449, CVE-2013-6450, CVE-2012-2686, and CVE-2013-0166\n\nAll Red Hat Enterprise Virtualization Manager users are advised to upgrade\nto these updated packages, which address these issues. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n857051 - CVE-2012-4929 SSL/TLS CRIME attack against HTTPS\n907589 - CVE-2013-0169 SSL/TLS: CBC padding timing attack (lucky-13)\n1049058 - CVE-2013-4353 openssl: client NULL dereference crash on malformed handshake packets\n1084875 - CVE-2014-0160 openssl: information disclosure in handling of TLS heartbeat extension packets\n\n6. Package List:\n\nRHEV-M 3.3:\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/RHEV/SRPMS/rhevm-spice-client-3.3-12.el6_5.src.rpm\n\nnoarch:\nrhevm-spice-client-x64-cab-3.3-12.el6_5.noarch.rpm\nrhevm-spice-client-x64-msi-3.3-12.el6_5.noarch.rpm\nrhevm-spice-client-x86-cab-3.3-12.el6_5.noarch.rpm\nrhevm-spice-client-x86-msi-3.3-12.el6_5.noarch.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2012-4929.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0169.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-4353.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-0160.html\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2014 Red Hat, Inc. \n\nThe HP SIM software itself is not vulnerable to CVE-2014-0160 (\"Heartbleed\"). -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c04239372\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c04239372\nVersion: 4\n\nHPSBMU02998 rev.4 - HP System Management Homepage (SMH) running OpenSSL on\nLinux and Windows, Remote Disclosure of Information, Denial of Service (DoS)\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2014-04-13\nLast Updated: 2014-05-13\n\nPotential Security Impact: Remote disclosure of information, Denial of\nService (DoS)\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP System\nManagement Homepage (SMH) running on Linux and Windows. The vulnerabilities\ncould be exploited remotely resulting in Denial of Service (DoS). \n\nReferences:\n\nCVE-2014-0160 (SSRT101501) Disclosure of Information - \"Heartbleed\"\nCVE-2013-4353 Denial of Service (DoS)\nCVE-2013-6449 Denial of Service (DoS)\nCVE-2013-6450 Denial of Service (DoS)\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP System Management Homepage (SMH) v7.1.2, v7.2, v7.2.1, v7.2.2, v7.3,\nv7.3.1 for Linux and Windows. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2013-4353 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2013-6449 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2013-6450 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8\nCVE-2014-0160 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has made the following software updates available to resolve the\nvulnerabilities for the impacted versions of HP System Management Homepage\n(SMH):\n\nProduct version/Platform\n Download Location\n\nSMH 7.2.3 Windows x86\n http://www.hp.com/swpublishing/MTX-d1488fd987894bc4ab3fe0ef52\n\nSMH 7.2.3 Windows x64\n http://www.hp.com/swpublishing/MTX-4575754bbb614b58bf0ae1ac37\n\nSMH 7.3.2.1(B) Windows x86\n http://www.hp.com/swpublishing/MTX-27e03b2f9cd24e77adc9dba94a\n\nSMH 7.3.2.1(B) Windows x64\n http://www.hp.com/swpublishing/MTX-37075daeead2433cb41b59ae76\n\nSMH 7.3.2 Linux x86\n http://www.hp.com/swpublishing/MTX-3d92ccccf85f404e8ba36a8178\n\nSMH 7.3.2 Linux x64\n http://www.hp.com/swpublishing/MTX-bfd3c0fb11184796b9428ced37\n\nNotes\n\nSMH 7.2.3 recommended for customers running Windows 2003 OS\nUpdated OpenSSL to version 1.0.1g\n\nNote: If you believe your SMH installation was exploited while it was running\ncomponents vulnerable to heartbleed, there are some steps to perform after\nyouve upgraded to the non-vulnerable components. These steps include\nrevoking, recreating, and re-importing certificates and resetting passwords\nthat might have been harvested by a malicious attacker using the heartbleed\nvulnerability. \n\nImpact on VCA - VCRM communication: VCA configures VCRM by importing the SMH\ncertificate from the SMH of VCA into the SMH of VCRM. When this certificate\nis deleted \u0026 regenerated (as suggested before), it needs to be (re)imported\nif the user wants to continue with Trust by Certificate option, and the\noutdated certificate should be revoked (deleted) from each location where it\nwas previously imported. \nIf you use HPSIMs 2-way trust feature, and have imported SMH certificates\ninto HPSIM, you will also need to revoke those SMH certificated from HPSIM\nand reimport the newly created SMH certificates. \nThough SMH uses OS credentials using OS-based APIs, user provided credentials\nare passed from the client (browser) to the server (SMH) using the HTTPS\nprotocol. If you suspect your systems using SMH were exploited while they\nwere vulnerable to heartbleed, these passwords need to be reset. \n\nFrequently Asked Questions\n\nWill updated systems require a reboot after applying the SMH patch?\nNo, reboot of the system will not be required. Installing the new build is\nsufficient to get back to the normal state. \nIs a Firmware Update necessary in addition to the SMH patch?\nNo, only the SMH update is sufficient to remove the heartbleed-vulnerable\nversion of SMH. \nWill new certificates be issued along with the patch, or need to be handled\nseparately?\nIf you suspect the certificate has been compromised due to this\nvulnerability, we do recommend to delete and revoke the certificate, or SMH\nwill reuse the existing certificate. New certificate will be created when SMH\nservice starts (at the end of the fresh / upgrade installation). Instructions\non deleting the certificate are in the notes above. \nWhere can I get SMH documentation?\nAll major documents are available at:\nhttp://h17007.www1.hp.com/us/en/enterprise/servers/solutions/info-library\nSelect HP Insight Management under Product and Solutions \u0026 check HP System\nManagement Homepage to get SMH related documents. \n\nWhat are the recommended upgrade paths?\nSee the table below:\nSMH\n DVD\n SPP\n Recommended SMH update for Linux\n Recommended SMH update for Windows 2003 and Widows 2003 R2\n Recommended SMH update for other Windows OS versions\n\nv7.1.2\n v7.1.2\n 2012.10.0\n v7.3.2\n v7.2.3\n v7.3.2\n\nv7.2.0\n v7.2.0\n 2013.02.0(B)\n v7.3.2\n v7.2.3\n v7.3.2\n\nv7.2.1\n v7.2u1\n\n v7.3.2\n v7.2.3\n v7.3.2\n\nv7.2.2\n v7.2u2\n 2013.09.0(B)\n v7.3.2\n v7.2.3\n v7.3.2\n\nv7.3.0\n v7.3.0\n\n v7.3.2\n not supported\n v7.3.2\n\nv7.3.1\n v7.3.1\n 2014.02.0\n v7.3.2\n not supported\n v7.3.2\n\nHow can I verify whether my setup is patched successfully?\nSMH version can be verified by executing following command on:\nWindows: hp\\hpsmh\\bin\\smhlogreader version\nLinux: /opt/hp/hpsmh/bin/smhlogreader version\nWill VCA-VCRM communication be impacted due to the SMH certificate being\ndeleted?\nVCA configures VCRM by importing the SMH certificate (sslshare\\cert.pem) from\nthe SMH of VCA to the SMH of VCRM. When this certificate is deleted \u0026\nregenerated (as suggested before), it needs to be (re)imported if user wants\nto continue with Trust by Certificate option, and remove the old, previously\nimported certificate. \nShould I reset password on all managed nodes, where SMH was/is running?\nThough SMH uses OS credentials using OS based APIs, user-provided credentials\nare passed from the client (browser) to the server (SMH) using the HTTPS\nprotocol. Passwords need to be reset if you suspect the vulnerable version of\nSMH was exploited by malicious users/ hackers. \n\nHISTORY\nVersion:1 (rev.1) - 13 April 2014 Initial release\nVersion:2 (rev.2) - 17 April 2014 SMH 7.2.3 and 7.3.2 released\nVersion:3 (rev.3) - 30 April 2014 SMH 7.3.2.1(B) released\nVersion:4 (rev.4) - 13 May 2014 Added additional remediation steps for post\nupdate installation\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2014 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.13 (GNU/Linux)\n\niEYEARECAAYFAlNyLMAACgkQ4B86/C0qfVm6RQCg4JuHEt+iZq+td37hPIp27qrd\nfm4AoKM1d7+F05Xo87Bicnmh0OHidg/O\n=bK11\n-----END PGP SIGNATURE-----\n. This bulletin will give you the information needed to\nupdate your HP Insight Control server deployment solution. \n\nInstall HP Management Agents for Windows x86/x64\nInstall HP Management Agents for RHEL 5 x64\nInstall HP Management Agents for RHEL 6 x64\nInstall HP Management Agents for SLES 10 x64\nInstall HP Management Agents for SLES 11 x64\n\nReferences: CVE-2014-0160 (SSRT101538)\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP Insight Control server deployment v7.1.2, v7.2.0, v7.2.1, v7.2.2\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2014-0160 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP is actively working to address this vulnerability for the impacted\nversions of HP Insight Control server deployment. This bulletin may be\nrevised. It is recommended that customers take the following approaches\ndepending on the version of HP Insight Control server deployment:\n\nTo address the vulnerability in an initial installation of HP Insight Control\nserver deployment v7.1.2, v7.2.0, v7.2.1, and v7.2.2 only follow steps 1\nthrough Step 3 of the following procedure, before initiating an operating\nsystem deployment. \n\nTo address the vulnerability in a previous installation of HP Insight Control\nserver deployment v7.1.2, v7.2.0, v7.2.1, and v7.2.2 follow all steps in the\nfollowing procedure. \n\nDelete the smhamd64-*.exe/smhx86-*.exe\" from Component Copy Location listed\nin the following table, row 1,2,3,4. \nDelete the affected hpsmh-7.*.rpm\" from Component Copy Location listed in the\nfollowing table, row 5. \nIn sequence, perform the steps from left to right in the following table. \nFirst, download components from Download Link; Second, rename the component\nas suggested in Rename to. Third, copy the component to the location\nsuggested in Component Copy Location. \nTable Row Number\n Download Link\n Rename to\n Component Copy Location\n\n1\n http://www.hp.com/swpublishing/MTX-d1488fd987894bc4ab3fe0ef52\n smhx86-cp023242.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2003\n\n2\n http://www.hp.com/swpublishing/MTX-4575754bbb614b58bf0ae1ac37\n smhamd64-cp023243.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2003\n\n3\n http://www.hp.com/swpublishing/MTX-2e19c856f0e84e20a14c63ecd0\n smhamd64-cp023240.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2008\n\n4\n http://www.hp.com/swpublishing/MTX-41199f68c1144acb84a5798bf0\n smhx86-cp023239.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2008\n\n5\n http://www.hp.com/swpublishing/MTX-bfd3c0fb11184796b9428ced37\n Do not rename the downloaded component for this step. \n \\\\express\\hpfeatures\\hpagents-sles11-x64\\components\n\\\\express\\hpfeatures\\hpagents-sles10-x64\\components\n\\\\express\\hpfeatures\\hpagents-rhel5-x64\\components\n\\\\express\\hpfeatures\\hpagents-rhel6-x64\\components\n\nTable 1\n\nInitiate Install HP Management Agents for SLES 11 x64 on targets running\nSLES11 x64. \nInitiate Install HP Management Agents for SLES 10 x64 on targets running\nSLES10 x64. \nInitiate Install HP Management Agents for RHEL 6 x64 on targets running RHEL\n6 x64. \nInitiate Install HP Management Agents for RHEL 5 x64 on targets running RHEL\n5 x64",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0160"
},
{
"db": "CERT/CC",
"id": "VU#720951"
},
{
"db": "BID",
"id": "64074"
},
{
"db": "BID",
"id": "65604"
},
{
"db": "PACKETSTORM",
"id": "126644"
},
{
"db": "PACKETSTORM",
"id": "126784"
},
{
"db": "PACKETSTORM",
"id": "127085"
},
{
"db": "PACKETSTORM",
"id": "127279"
},
{
"db": "PACKETSTORM",
"id": "126045"
},
{
"db": "PACKETSTORM",
"id": "126086"
},
{
"db": "PACKETSTORM",
"id": "126164"
},
{
"db": "PACKETSTORM",
"id": "126305"
},
{
"db": "VULMON",
"id": "CVE-2014-0160"
},
{
"db": "PACKETSTORM",
"id": "126197"
},
{
"db": "PACKETSTORM",
"id": "126361"
},
{
"db": "PACKETSTORM",
"id": "126284"
},
{
"db": "PACKETSTORM",
"id": "126954"
},
{
"db": "PACKETSTORM",
"id": "126605"
},
{
"db": "PACKETSTORM",
"id": "126417"
}
],
"trust": 3.51
},
"exploit_availability": {
"_id": null,
"data": [
{
"reference": "https://www.kb.cert.org/vuls/id/720951",
"trust": 0.8,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=32745",
"trust": 0.4,
"type": "exploit"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#720951"
},
{
"db": "VULMON",
"id": "CVE-2014-0160"
}
]
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2014-0160",
"trust": 3.9
},
{
"db": "EXPLOIT-DB",
"id": "32745",
"trust": 1.9
},
{
"db": "CERT/CC",
"id": "VU#720951",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "57721",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59243",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "57836",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "57968",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59347",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "57966",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "57483",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "57347",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59139",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1030079",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1030074",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1030081",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1030080",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1030026",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1030077",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1030082",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1030078",
"trust": 1.1
},
{
"db": "BID",
"id": "66690",
"trust": 1.1
},
{
"db": "EXPLOIT-DB",
"id": "32764",
"trust": 1.1
},
{
"db": "USCERT",
"id": "TA14-098A",
"trust": 1.1
},
{
"db": "SIEMENS",
"id": "SSA-635659",
"trust": 1.1
},
{
"db": "BID",
"id": "64074",
"trust": 0.3
},
{
"db": "BID",
"id": "65604",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-135-02",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2014-0160",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126605",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126954",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126284",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126361",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126197",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126417",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126305",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126644",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126164",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126086",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126045",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127279",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127085",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126784",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#720951"
},
{
"db": "VULMON",
"id": "CVE-2014-0160"
},
{
"db": "BID",
"id": "64074"
},
{
"db": "BID",
"id": "65604"
},
{
"db": "PACKETSTORM",
"id": "126605"
},
{
"db": "PACKETSTORM",
"id": "126954"
},
{
"db": "PACKETSTORM",
"id": "126284"
},
{
"db": "PACKETSTORM",
"id": "126361"
},
{
"db": "PACKETSTORM",
"id": "126197"
},
{
"db": "PACKETSTORM",
"id": "126417"
},
{
"db": "PACKETSTORM",
"id": "126305"
},
{
"db": "PACKETSTORM",
"id": "126644"
},
{
"db": "PACKETSTORM",
"id": "126164"
},
{
"db": "PACKETSTORM",
"id": "126086"
},
{
"db": "PACKETSTORM",
"id": "126045"
},
{
"db": "PACKETSTORM",
"id": "127279"
},
{
"db": "PACKETSTORM",
"id": "127085"
},
{
"db": "PACKETSTORM",
"id": "126784"
},
{
"db": "NVD",
"id": "CVE-2014-0160"
}
]
},
"id": "VAR-201404-0592",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.6038711649999999
},
"last_update_date": "2026-04-10T23:34:59.841000Z",
"patch": {
"_id": null,
"data": [
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2017/01/23/heartbleed_2017/"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2014/04/24/apple_posts_updates_for_heartbleed_flaw_in_airport/"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2014/04/11/hackers_hammering_heartbleed/"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2014/04/09/heartbleed_vuln_analysis/"
},
{
"title": "Debian CVElist Bug Report Logs: CVE-2014-0160 heartbeat read overrun (heartbleed)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=e4799ab8fe4804274ba2db4d65cd867b"
},
{
"title": "Debian Security Advisories: DSA-2896-1 openssl -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=264ec318be06a69e28012f62b2dc5bb7"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2165-1"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Live-Hack-CVE/CVE-2014-0160 "
},
{
"title": "exploits",
"trust": 0.1,
"url": "https://github.com/vs4vijay/exploits "
},
{
"title": "VULNIX",
"trust": 0.1,
"url": "https://github.com/El-Palomo/VULNIX "
},
{
"title": "openssl-heartbleed-fix",
"trust": 0.1,
"url": "https://github.com/sammyfung/openssl-heartbleed-fix "
},
{
"title": "cve-2014-0160",
"trust": 0.1,
"url": "https://github.com/cved-sources/cve-2014-0160 "
},
{
"title": "heartbleed_check",
"trust": 0.1,
"url": "https://github.com/ehoffmann-cp/heartbleed_check "
},
{
"title": "heartbleed",
"trust": 0.1,
"url": "https://github.com/okrutnik420/heartbleed "
},
{
"title": "heartbleed-test.crx",
"trust": 0.1,
"url": "https://github.com/iwaffles/heartbleed-test.crx "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Maheshmaske111/te "
},
{
"title": "AradSocket",
"trust": 0.1,
"url": "https://github.com/araditc/AradSocket "
},
{
"title": "sslscan",
"trust": 0.1,
"url": "https://github.com/kaisenlinux/sslscan "
},
{
"title": "Springboard_Capstone_Project",
"trust": 0.1,
"url": "https://github.com/jonahwinninghoff/Springboard_Capstone_Project "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/MrE-Fog/heartbleeder "
},
{
"title": "buffer_overflow_exploit",
"trust": 0.1,
"url": "https://github.com/olivamadrigal/buffer_overflow_exploit "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/ashrafulislamcs/Ubuntu-Server-Hardening "
},
{
"title": "insecure_project",
"trust": 0.1,
"url": "https://github.com/turtlesec-no/insecure_project "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Maheshmaske111/ssl "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/H4R335HR/heartbleed "
},
{
"title": "nmap-scripts",
"trust": 0.1,
"url": "https://github.com/takeshixx/nmap-scripts "
},
{
"title": "knockbleed",
"trust": 0.1,
"url": "https://github.com/siddolo/knockbleed "
},
{
"title": "heartbleed-masstest",
"trust": 0.1,
"url": "https://github.com/musalbas/heartbleed-masstest "
},
{
"title": "HeartBleedDotNet",
"trust": 0.1,
"url": "https://github.com/ShawInnes/HeartBleedDotNet "
},
{
"title": "heartbleed_test_openvpn",
"trust": 0.1,
"url": "https://github.com/weisslj/heartbleed_test_openvpn "
},
{
"title": "paraffin",
"trust": 0.1,
"url": "https://github.com/vmeurisse/paraffin "
},
{
"title": "sslscan",
"trust": 0.1,
"url": "https://github.com/rbsec/sslscan "
},
{
"title": "Heartbleed_Dockerfile_with_Nginx",
"trust": 0.1,
"url": "https://github.com/froyo75/Heartbleed_Dockerfile_with_Nginx "
},
{
"title": "heartbleed-bug",
"trust": 0.1,
"url": "https://github.com/cldme/heartbleed-bug "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/H4CK3RT3CH/awesome-web-hacking "
},
{
"title": "Web-Hacking",
"trust": 0.1,
"url": "https://github.com/adm0i/Web-Hacking "
},
{
"title": "cybersecurity-ethical-hacking",
"trust": 0.1,
"url": "https://github.com/paulveillard/cybersecurity-ethical-hacking "
},
{
"title": "Lastest-Web-Hacking-Tools-vol-I",
"trust": 0.1,
"url": "https://github.com/SARATOGAMarine/Lastest-Web-Hacking-Tools-vol-I "
},
{
"title": "HTBValentineWriteup",
"trust": 0.1,
"url": "https://github.com/zimmel15/HTBValentineWriteup "
},
{
"title": "heartbleed-poc",
"trust": 0.1,
"url": "https://github.com/sensepost/heartbleed-poc "
},
{
"title": "CVE-2014-0160",
"trust": 0.1,
"url": "https://github.com/0x90/CVE-2014-0160 "
},
{
"title": "Certified-Ethical-Hacker-Exam-CEH-v10",
"trust": 0.1,
"url": "https://github.com/Tung0801/Certified-Ethical-Hacker-Exam-CEH-v10 "
},
{
"title": "cs558heartbleed",
"trust": 0.1,
"url": "https://github.com/gkaptch1/cs558heartbleed "
},
{
"title": "HeartBleed",
"trust": 0.1,
"url": "https://github.com/archaic-magnon/HeartBleed "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/undacmic/heartbleed-proof-of-concept "
},
{
"title": "openvpn-jookk",
"trust": 0.1,
"url": "https://github.com/Jeypi04/openvpn-jookk "
},
{
"title": "Heartbleed",
"trust": 0.1,
"url": "https://github.com/Saiprasad16/Heartbleed "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/KickFootCode/LoveYouALL "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/imesecan/LeakReducer-artifacts "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/TVernet/Kali-Tools-liste-et-description "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/k4u5h41/Heartbleed "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/ronaldogdm/Heartbleed "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/rochacbruno/my-awesome-stars "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/asadhasan73/temp_comp_sec "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Aakaashzz/Heartbleed "
},
{
"title": "tls-channel",
"trust": 0.1,
"url": "https://github.com/marianobarrios/tls-channel "
},
{
"title": "fuzzx_cpp_demo",
"trust": 0.1,
"url": "https://github.com/guardstrikelab/fuzzx_cpp_demo "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Ppamo/recon_net_tools "
},
{
"title": "heatbleeding",
"trust": 0.1,
"url": "https://github.com/idkqh7/heatbleeding "
},
{
"title": "HeartBleed-Vulnerability-Checker",
"trust": 0.1,
"url": "https://github.com/waqasjamal/HeartBleed-Vulnerability-Checker "
},
{
"title": "heartbleed",
"trust": 0.1,
"url": "https://github.com/iSCInc/heartbleed "
},
{
"title": "heartbleed-dtls",
"trust": 0.1,
"url": "https://github.com/hreese/heartbleed-dtls "
},
{
"title": "heartbleedchecker",
"trust": 0.1,
"url": "https://github.com/roganartu/heartbleedchecker "
},
{
"title": "nmap-heartbleed",
"trust": 0.1,
"url": "https://github.com/azet/nmap-heartbleed "
},
{
"title": "sslscan",
"trust": 0.1,
"url": "https://github.com/delishen/sslscan "
},
{
"title": "web-hacking",
"trust": 0.1,
"url": "https://github.com/hr-beast/web-hacking "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Miss-Brain/Web-Application-Security "
},
{
"title": "web-hacking",
"trust": 0.1,
"url": "https://github.com/Hemanthraju02/web-hacking "
},
{
"title": "awesome-web-hacking",
"trust": 0.1,
"url": "https://github.com/QWERTSKIHACK/awesome-web-hacking "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/himera25/web-hacking-list "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/dorota-fiit/bp-Heartbleed-defense-game "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Maheshmaske111/sslscan "
},
{
"title": "Heart-bleed",
"trust": 0.1,
"url": "https://github.com/anonymouse327311/Heart-bleed "
},
{
"title": "goScan",
"trust": 0.1,
"url": "https://github.com/stackviolator/goScan "
},
{
"title": "sec-tool-list",
"trust": 0.1,
"url": "https://github.com/alphaSeclab/sec-tool-list "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/utensil/awesome-stars-test "
},
{
"title": "insecure-cplusplus-dojo",
"trust": 0.1,
"url": "https://github.com/patricia-gallardo/insecure-cplusplus-dojo "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/jubalh/awesome-package-maintainer "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Elnatty/tryhackme_labs "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/hzuiw33/OpenSSL "
},
{
"title": "makeItBleed",
"trust": 0.1,
"url": "https://github.com/mcampa/makeItBleed "
},
{
"title": "CVE-2014-0160-Chrome-Plugin",
"trust": 0.1,
"url": "https://github.com/Xyl2k/CVE-2014-0160-Chrome-Plugin "
},
{
"title": "heartbleedfixer.com",
"trust": 0.1,
"url": "https://github.com/reenhanced/heartbleedfixer.com "
},
{
"title": "CVE-2014-0160-Scanner",
"trust": 0.1,
"url": "https://github.com/obayesshelton/CVE-2014-0160-Scanner "
},
{
"title": "openmagic",
"trust": 0.1,
"url": "https://github.com/isgroup-srl/openmagic "
},
{
"title": "heartbleeder",
"trust": 0.1,
"url": "https://github.com/titanous/heartbleeder "
},
{
"title": "cardiac-arrest",
"trust": 0.1,
"url": "https://github.com/ah8r/cardiac-arrest "
},
{
"title": "heartbleed_openvpn_poc",
"trust": 0.1,
"url": "https://github.com/tam7t/heartbleed_openvpn_poc "
},
{
"title": "docker-wheezy-with-heartbleed",
"trust": 0.1,
"url": "https://github.com/simonswine/docker-wheezy-with-heartbleed "
},
{
"title": "docker-testssl",
"trust": 0.1,
"url": "https://github.com/mbentley/docker-testssl "
},
{
"title": "heartbleedscanner",
"trust": 0.1,
"url": "https://github.com/hybridus/heartbleedscanner "
},
{
"title": "HeartLeak",
"trust": 0.1,
"url": "https://github.com/OffensivePython/HeartLeak "
},
{
"title": "HBL",
"trust": 0.1,
"url": "https://github.com/ssc-oscar/HBL "
},
{
"title": "awesome-stars",
"trust": 0.1,
"url": "https://github.com/utensil/awesome-stars "
},
{
"title": "SecurityTesting_web-hacking",
"trust": 0.1,
"url": "https://github.com/mostakimur/SecurityTesting_web-hacking "
},
{
"title": "awesome-web-hacking",
"trust": 0.1,
"url": "https://github.com/winterwolf32/awesome-web-hacking "
},
{
"title": "awesome-web-hacking-1",
"trust": 0.1,
"url": "https://github.com/winterwolf32/awesome-web-hacking-1 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Mehedi-Babu/ethical_hacking_cyber "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/drakyanerlanggarizkiwardhana/awesome-web-hacking "
},
{
"title": "awesome-web-hacking",
"trust": 0.1,
"url": "https://github.com/thanshurc/awesome-web-hacking "
},
{
"title": "hack",
"trust": 0.1,
"url": "https://github.com/nvnpsplt/hack "
},
{
"title": "awesome-web-hacking",
"trust": 0.1,
"url": "https://github.com/noname1007/awesome-web-hacking "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/ImranTheThirdEye/awesome-web-hacking "
},
{
"title": "web-hacking",
"trust": 0.1,
"url": "https://github.com/Ondrik8/web-hacking "
},
{
"title": "CheckSSL-ciphersuite",
"trust": 0.1,
"url": "https://github.com/kal1gh0st/CheckSSL-ciphersuite "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/undacmic/HeartBleed-Demo "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/MrE-Fog/ssl-heartbleed.nse "
},
{
"title": "welivesecurity",
"trust": 0.1,
"url": "https://www.welivesecurity.com/2015/08/03/worlds-biggest-bug-bounty-payouts/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/oracle-gives-heartbleed-update-patches-14-products/105576/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0160"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-125",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0160"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.7,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0376.html"
},
{
"trust": 1.9,
"url": "http://heartbleed.com/"
},
{
"trust": 1.9,
"url": "http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog/"
},
{
"trust": 1.9,
"url": "https://www.cert.fi/en/reports/2014/vulnerability788210.html"
},
{
"trust": 1.9,
"url": "https://code.google.com/p/mod-spdy/issues/detail?id=85"
},
{
"trust": 1.9,
"url": "https://blog.torproject.org/blog/openssl-bug-cve-2014-0160"
},
{
"trust": 1.9,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20140409-heartbleed"
},
{
"trust": 1.9,
"url": "http://www.debian.org/security/2014/dsa-2896"
},
{
"trust": 1.9,
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html?sr=36517217"
},
{
"trust": 1.9,
"url": "http://www.oracle.com/technetwork/topics/security/opensslheartbleedcve-2014-0160-2188454.html"
},
{
"trust": 1.7,
"url": "http://www.getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release/"
},
{
"trust": 1.7,
"url": "http://www.getchef.com/blog/2014/04/09/chef-server-heartbleed-cve-2014-0160-releases/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0160"
},
{
"trust": 1.2,
"url": "http://www.ubuntu.com/usn/usn-2165-1"
},
{
"trust": 1.1,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1084875"
},
{
"trust": 1.1,
"url": "http://www.openssl.org/news/secadv_20140407.txt"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1030078"
},
{
"trust": 1.1,
"url": "http://seclists.org/fulldisclosure/2014/apr/109"
},
{
"trust": 1.1,
"url": "http://seclists.org/fulldisclosure/2014/apr/190"
},
{
"trust": 1.1,
"url": "https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-april/000184.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0396.html"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1030082"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/57347"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139722163017074\u0026w=2"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1030077"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21670161"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0377.html"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1030080"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-april/131221.html"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1030074"
},
{
"trust": 1.1,
"url": "http://seclists.org/fulldisclosure/2014/apr/90"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1030081"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0378.html"
},
{
"trust": 1.1,
"url": "http://seclists.org/fulldisclosure/2014/apr/91"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/57483"
},
{
"trust": 1.1,
"url": "http://www.splunk.com/view/sp-caaamb3"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-april/131291.html"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1030079"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00004.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/57721"
},
{
"trust": 1.1,
"url": "http://www.blackberry.com/btsc/kb35882"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1030026"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00005.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/66690"
},
{
"trust": 1.1,
"url": "http://www.getchef.com/blog/2014/04/09/chef-server-11-0-12-release/"
},
{
"trust": 1.1,
"url": "http://www.us-cert.gov/ncas/alerts/ta14-098a"
},
{
"trust": 1.1,
"url": "http://www.getchef.com/blog/2014/04/09/enterprise-chef-1-4-9-release/"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/57966"
},
{
"trust": 1.1,
"url": "http://www.f-secure.com/en/web/labs_global/fsc-2014-1"
},
{
"trust": 1.1,
"url": "http://seclists.org/fulldisclosure/2014/apr/173"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/57968"
},
{
"trust": 1.1,
"url": "http://www.exploit-db.com/exploits/32745"
},
{
"trust": 1.1,
"url": "http://www.kb.cert.org/vuls/id/720951"
},
{
"trust": 1.1,
"url": "http://www.exploit-db.com/exploits/32764"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/57836"
},
{
"trust": 1.1,
"url": "https://gist.github.com/chapmajs/10473815"
},
{
"trust": 1.1,
"url": "http://cogentdatahub.com/releasenotes.html"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139905458328378\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139869891830365\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139889113431619\u0026w=2"
},
{
"trust": 1.1,
"url": "http://public.support.unisys.com/common/public/vulnerability/nvd_detail_rpt.aspx?id=1"
},
{
"trust": 1.1,
"url": "http://www.kerio.com/support/kerio-control/release-history"
},
{
"trust": 1.1,
"url": "http://public.support.unisys.com/common/public/vulnerability/nvd_detail_rpt.aspx?id=3"
},
{
"trust": 1.1,
"url": "http://advisories.mageia.org/mgasa-2014-0165.html"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hp.com/portal/site/hpsc/template.page/public/kb/docdisplay/?spf_p.tpst=kbdocdisplay\u0026spf_p.prp_kbdocdisplay=wsrp-navigationalstate%3ddocid%253demr_na-c04260637-4%257cdoclocale%253den_us%257ccalledby%253dsearch_result\u0026javax.portlet.begcachetok=com.vignette.cachetoken\u0026javax.portlet.endcachetok=com.vignette.cachetoken"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843"
},
{
"trust": 1.1,
"url": "https://filezilla-project.org/versions.php?type=server"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=141287864628122\u0026w=2"
},
{
"trust": 1.1,
"url": "http://seclists.org/fulldisclosure/2014/dec/23"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/security/advisories/vmsa-2014-0012.html"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
},
{
"trust": 1.1,
"url": "http://www.websense.com/support/article/kbarticle/vulnerabilities-resolved-in-triton-apx-version-8-0"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:062"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139817727317190\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139757726426985\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139758572430452\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139905653828999\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139842151128341\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139905405728262\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139833395230364\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139824993005633\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139843768401936\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139905202427693\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139774054614965\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139889295732144\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139835815211508\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140724451518351\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139808058921905\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139836085512508\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139869720529462\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139905868529690\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139765756720506\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140015787404650\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139824923705461\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139757919027752\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139774703817488\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139905243827825\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140075368411126\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139905295427946\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139835844111589\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139757819327350\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139817685517037\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139905351928096\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139817782017443\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140752315422991\u0026w=2"
},
{
"trust": 1.1,
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160512_00"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004661"
},
{
"trust": 1.1,
"url": "http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_release_notes.pdf"
},
{
"trust": 1.1,
"url": "http://www.apcmedia.com/salestools/sjhn-7rkgnm/sjhn-7rkgnm_r4_en.pdf"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59347"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59243"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59139"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-august/136473.html"
},
{
"trust": 1.1,
"url": "http://download.schneider-electric.com/files?p_doc_ref=sevd%202014-119-01"
},
{
"trust": 1.1,
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html"
},
{
"trust": 1.1,
"url": "http://support.citrix.com/article/ctx140605"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-updates/2014-04/msg00061.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"trust": 1.1,
"url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-17-0008"
},
{
"trust": 1.1,
"url": "https://sku11army.blogspot.com/2020/01/heartbleed-hearts-continue-to-bleed.html"
},
{
"trust": 1.1,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-635659.pdf"
},
{
"trust": 1.1,
"url": "https://yunus-shn.medium.com/ricon-industrial-cellular-router-heartbleed-attack-2634221c02bd"
},
{
"trust": 1.1,
"url": "http://git.openssl.org/gitweb/?p=openssl.git%3ba=commit%3bh=96db9023b881d7cd9f379b0c154650d6c108e9a3"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3cdev.tomcat.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3cdev.tomcat.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3cdev.tomcat.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3cdev.tomcat.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 1.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 1.1,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 1.0,
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=cve-2014-0160"
},
{
"trust": 0.8,
"url": "http://seclists.org/oss-sec/2014/q2/22"
},
{
"trust": 0.8,
"url": "http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=96db902"
},
{
"trust": 0.8,
"url": "https://tools.ietf.org/html/rfc6520"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/openssl-1.0.1-notes.html"
},
{
"trust": 0.8,
"url": "http://www.hut3.net/blog/cns---networks-security/2014/04/14/bugs-in-heartbleed-detection-scripts-"
},
{
"trust": 0.8,
"url": "http://blog.cryptographyengineering.com/2014/04/attack-of-week-openssl-heartbleed.html"
},
{
"trust": 0.8,
"url": "http://xkcd.com/1354/"
},
{
"trust": 0.8,
"url": "http://www.exploit-db.com/exploits/32745/"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/cve/cve-2014-0160 "
},
{
"trust": 0.8,
"url": "http://www.ubuntu.com/usn/usn-2165-1/"
},
{
"trust": 0.8,
"url": "http://www.freshports.org/security/openssl/"
},
{
"trust": 0.8,
"url": "http://kb.bluecoat.com/index?page=content\u0026id=sa79"
},
{
"trust": 0.8,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid="
},
{
"trust": 0.8,
"url": "http://learn.extremenetworks.com/rs/extreme/images/cert_vu%23720951_vulnerability_advisory_04_11_2014v2.pdf"
},
{
"trust": 0.8,
"url": "http://www.fortiguard.com/advisory/fg-ir-14-011/"
},
{
"trust": 0.8,
"url": "http://www.freebsd.org/security/advisories/freebsd-sa-14:06.openssl.asc"
},
{
"trust": 0.8,
"url": "http://www.gentoo.org/security/en/glsa/glsa-201404-07.xml"
},
{
"trust": 0.8,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04239375"
},
{
"trust": 0.8,
"url": "http://www.hitachi.com/hirt/publications/hirt-pub14005/index.html"
},
{
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?\u0026uid=swg21669774"
},
{
"trust": 0.8,
"url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00037\u0026languageid=en-fr"
},
{
"trust": 0.8,
"url": "https://kb.juniper.net/jsa10623"
},
{
"trust": 0.8,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10071"
},
{
"trust": 0.8,
"url": "http://mail-index.netbsd.org/security-announce/2014/04/08/msg000085.html"
},
{
"trust": 0.8,
"url": "http://ftp.openbsd.org/pub/openbsd/patches/5.3/common/014_openssl.patch"
},
{
"trust": 0.8,
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2014\u0026m=slackware-security.533622"
},
{
"trust": 0.8,
"url": "http://kb.vmware.com/kb/2076225"
},
{
"trust": 0.8,
"url": "https://support.windriver.com/"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/b/security/archive/2014/04/10/microsoft-devices-and-services-and-the-openssl-heartbleed-vulnerability.aspx"
},
{
"trust": 0.8,
"url": "https://forum.peplink.com/threads/3062-special-notice-on-openssl-heartbleed-vulnerability"
},
{
"trust": 0.8,
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026solutionid=sk100173"
},
{
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/av14-001.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2014/suse-su-20140734-1.html"
},
{
"trust": 0.3,
"url": "rubygems.org/gems/actionpack"
},
{
"trust": 0.3,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1036483"
},
{
"trust": 0.3,
"url": "http://puppetlabs.com/security/cve/cve-2013-6414"
},
{
"trust": 0.3,
"url": "http://rubygems.org/"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0008.html"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2013-1794.html"
},
{
"trust": 0.3,
"url": "http://puppetlabs.com/security/cve/cve-2014-0082"
},
{
"trust": 0.3,
"url": "http://weblog.rubyonrails.org/2014/2/18/rails_3_2_17_4_0_3_and_4_1_0_beta2_have_been_released/"
},
{
"trust": 0.3,
"url": "http://rubyonrails.org/"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0306.html"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0215.html"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-4353"
},
{
"trust": 0.2,
"url": "http://www.hp.com/swpublishing/mtx-d1488fd987894bc4ab3fe0ef52"
},
{
"trust": 0.2,
"url": "http://www.hp.com/swpublishing/mtx-4575754bbb614b58bf0ae1ac37"
},
{
"trust": 0.2,
"url": "http://www.hp.com/swpublishing/mtx-bfd3c0fb11184796b9428ced37"
},
{
"trust": 0.2,
"url": "http://support.openview.hp.com/downloads.jsp"
},
{
"trust": 0.2,
"url": "http://www8.h"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0076"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/125.html"
},
{
"trust": 0.1,
"url": "http://seclists.org/fulldisclosure/2019/jan/42"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/./dsa-2896"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://threatpost.com/oracle-gives-heartbleed-update-patches-14-products/105576/"
},
{
"trust": 0.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-135-02"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2165-1/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-6450"
},
{
"trust": 0.1,
"url": "http://h17007.www1.hp.com/us/en/enterprise/servers/solutions/info-library"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-6449"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-3d92ccccf85f404e8ba36a8178"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-37075daeead2433cb41b59ae76"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-27e03b2f9cd24e77adc9dba94a"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_n"
},
{
"trust": 0.1,
"url": "http://www.hp.com/go/insightupdates"
},
{
"trust": 0.1,
"url": "http://h20565.www2.hp.com/portal/site/hpsc/template.page/public/psi/swddetail"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4929"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0160.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0169"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-4353.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/site/articles/11258"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0416.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0169.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-4929.html"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-41199f68c1144acb84a5798bf0"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-2e19c856f0e84e20a14c63ecd0"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/lrvug_00092"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/lrlg_00051"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/pc_00299"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/lranlsys_00074"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/lr_03305"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/lr_03329"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/pc_00296"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/lr_03307"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/lrlg_00052"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/lr_03315"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/lr_03306"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/lranlsys_00075"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/lr_03328"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/lr_03332"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/lrvug_00094"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/lr_03316"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/lr_03304"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/lr_03333"
},
{
"trust": 0.1,
"url": "http://h18013.www1.hp.com/products/servers/management/agents/index.html"
},
{
"trust": 0.1,
"url": "http://eprint.iacr.org/2014/140"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0160"
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0076"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.12"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1e-3ubuntu1.2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1c-3ubuntu2.7"
},
{
"trust": 0.1,
"url": "http://www.hp.com/support/eslg3"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-9c71e9ff82af4d1fbdea666d97"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-ade2403c9999459aa758e16d46"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-16533b4917c84c8c81b703f354"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-06eee9db0f4a40d98d8cb32421"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/p"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#720951"
},
{
"db": "VULMON",
"id": "CVE-2014-0160"
},
{
"db": "BID",
"id": "64074"
},
{
"db": "BID",
"id": "65604"
},
{
"db": "PACKETSTORM",
"id": "126605"
},
{
"db": "PACKETSTORM",
"id": "126954"
},
{
"db": "PACKETSTORM",
"id": "126284"
},
{
"db": "PACKETSTORM",
"id": "126361"
},
{
"db": "PACKETSTORM",
"id": "126197"
},
{
"db": "PACKETSTORM",
"id": "126417"
},
{
"db": "PACKETSTORM",
"id": "126305"
},
{
"db": "PACKETSTORM",
"id": "126644"
},
{
"db": "PACKETSTORM",
"id": "126164"
},
{
"db": "PACKETSTORM",
"id": "126086"
},
{
"db": "PACKETSTORM",
"id": "126045"
},
{
"db": "PACKETSTORM",
"id": "127279"
},
{
"db": "PACKETSTORM",
"id": "127085"
},
{
"db": "PACKETSTORM",
"id": "126784"
},
{
"db": "NVD",
"id": "CVE-2014-0160"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CERT/CC",
"id": "VU#720951",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2014-0160",
"ident": null
},
{
"db": "BID",
"id": "64074",
"ident": null
},
{
"db": "BID",
"id": "65604",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "126605",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "126954",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "126284",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "126361",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "126197",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "126417",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "126305",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "126644",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "126164",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "126086",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "126045",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "127279",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "127085",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "126784",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2014-0160",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2014-04-08T00:00:00",
"db": "CERT/CC",
"id": "VU#720951",
"ident": null
},
{
"date": "2014-04-07T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0160",
"ident": null
},
{
"date": "2013-12-02T00:00:00",
"db": "BID",
"id": "64074",
"ident": null
},
{
"date": "2014-02-18T00:00:00",
"db": "BID",
"id": "65604",
"ident": null
},
{
"date": "2014-05-13T18:24:00",
"db": "PACKETSTORM",
"id": "126605",
"ident": null
},
{
"date": "2014-06-05T21:02:31",
"db": "PACKETSTORM",
"id": "126954",
"ident": null
},
{
"date": "2014-04-23T21:25:00",
"db": "PACKETSTORM",
"id": "126284",
"ident": null
},
{
"date": "2014-04-28T20:36:00",
"db": "PACKETSTORM",
"id": "126361",
"ident": null
},
{
"date": "2014-04-17T22:02:09",
"db": "PACKETSTORM",
"id": "126197",
"ident": null
},
{
"date": "2014-05-01T02:16:33",
"db": "PACKETSTORM",
"id": "126417",
"ident": null
},
{
"date": "2014-04-24T22:21:23",
"db": "PACKETSTORM",
"id": "126305",
"ident": null
},
{
"date": "2014-05-16T04:40:57",
"db": "PACKETSTORM",
"id": "126644",
"ident": null
},
{
"date": "2014-04-15T23:01:44",
"db": "PACKETSTORM",
"id": "126164",
"ident": null
},
{
"date": "2014-04-09T22:48:55",
"db": "PACKETSTORM",
"id": "126086",
"ident": null
},
{
"date": "2014-04-07T22:44:13",
"db": "PACKETSTORM",
"id": "126045",
"ident": null
},
{
"date": "2014-06-30T23:47:20",
"db": "PACKETSTORM",
"id": "127279",
"ident": null
},
{
"date": "2014-06-13T13:31:03",
"db": "PACKETSTORM",
"id": "127085",
"ident": null
},
{
"date": "2014-05-23T13:13:00",
"db": "PACKETSTORM",
"id": "126784",
"ident": null
},
{
"date": "2014-04-07T22:55:03.893000",
"db": "NVD",
"id": "CVE-2014-0160",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2016-05-13T00:00:00",
"db": "CERT/CC",
"id": "VU#720951",
"ident": null
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0160",
"ident": null
},
{
"date": "2015-04-13T21:20:00",
"db": "BID",
"id": "64074",
"ident": null
},
{
"date": "2015-04-13T21:44:00",
"db": "BID",
"id": "65604",
"ident": null
},
{
"date": "2025-10-22T01:15:53.233000",
"db": "NVD",
"id": "CVE-2014-0160",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "network",
"sources": [
{
"db": "BID",
"id": "64074"
},
{
"db": "BID",
"id": "65604"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "OpenSSL TLS heartbeat extension read overflow discloses sensitive information",
"sources": [
{
"db": "CERT/CC",
"id": "VU#720951"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "Failure to Handle Exceptional Conditions",
"sources": [
{
"db": "BID",
"id": "64074"
}
],
"trust": 0.3
}
}
VAR-201410-1418
Vulnerability from variot - Updated: 2026-04-10 23:34The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. OpenSSL is prone to an information disclosure vulnerability. An attacker can exploit this issue to perform man-in-the-middle attacks and obtain sensitive information. Successful exploits will lead to other attacks. The following versions are vulnerable: OpenSSL 0.9.8 prior to 0.9.8zc OpenSSL 1.0.0 prior to 1.0.0o OpenSSL 1.0.1 prior to 1.0.1j. SSL protocol is the abbreviation of Secure Socket Layer protocol (Secure Socket Layer) developed by Netscape, which provides security and data integrity guarantee for Internet communication. The vulnerability is caused by the program's use of non-deterministic CBC padding. OpenSSL Security Advisory [15 Oct 2014] =======================================
SRTP Memory Leak (CVE-2014-3513)
Severity: High
A flaw in the DTLS SRTP extension parsing code allows an attacker, who sends a carefully crafted handshake message, to cause OpenSSL to fail to free up to 64k of memory causing a memory leak. This could be exploited in a Denial Of Service attack. This issue affects OpenSSL 1.0.1 server implementations for both SSL/TLS and DTLS regardless of whether SRTP is used or configured. Implementations of OpenSSL that have been compiled with OPENSSL_NO_SRTP defined are not affected.
This issue was reported to OpenSSL on 26th September 2014, based on an original issue and patch developed by the LibreSSL project. Further analysis of the issue was performed by the OpenSSL team.
The fix was developed by the OpenSSL team.
Session Ticket Memory Leak (CVE-2014-3567)
Severity: Medium
When an OpenSSL SSL/TLS/DTLS server receives a session ticket the integrity of that ticket is first verified. In the event of a session ticket integrity check failing, OpenSSL will fail to free memory causing a memory leak. By sending a large number of invalid session tickets an attacker could exploit this issue in a Denial Of Service attack.
This issue was reported to OpenSSL on 8th October 2014.
The fix was developed by Stephen Henson of the OpenSSL core team.
SSL 3.0 Fallback protection
Severity: Medium
OpenSSL has added support for TLS_FALLBACK_SCSV to allow applications to block the ability for a MITM attacker to force a protocol downgrade.
Some client applications (such as browsers) will reconnect using a downgraded protocol to work around interoperability bugs in older servers. This could be exploited by an active man-in-the-middle to downgrade connections to SSL 3.0 even if both sides of the connection support higher protocols. SSL 3.0 contains a number of weaknesses including POODLE (CVE-2014-3566).
https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00 https://www.openssl.org/~bodo/ssl-poodle.pdf
Support for TLS_FALLBACK_SCSV was developed by Adam Langley and Bodo Moeller.
Build option no-ssl3 is incomplete (CVE-2014-3568)
Severity: Low
When OpenSSL is configured with "no-ssl3" as a build option, servers could accept and complete a SSL 3.0 handshake, and clients could be configured to send them.
This issue was reported to OpenSSL by Akamai Technologies on 14th October 2014.
The fix was developed by Akamai and the OpenSSL team.
References
URL for this Security Advisory: https://www.openssl.org/news/secadv_20141015.txt
Note: the online version of the advisory may be updated with additional details over time.
For details of OpenSSL severity classifications please see: https://www.openssl.org/about/secpolicy.html
. The following firmware versions of Virtual Connect (VC) are impacted:
HPE BladeSystem c-Class Virtual Connect (VC) Firmware 4.30 through VC 4.45 HPE BladeSystem c-Class Virtual Connect (VC) Firmware 3.62 through VC 4.21
Note: Firmware versions 3.62 through 4.21 are not impacted by CVE-2016-0800, CVE-2015-3194, CVE-2014-3566, CVE-2015-0705, CVE-2016-0799, and CVE-2016-2842. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201507-14
https://security.gentoo.org/
Severity: Normal Title: Oracle JRE/JDK: Multiple vulnerabilities Date: July 10, 2015 Bugs: #537214 ID: 201507-14
Synopsis
Multiple vulnerabilities have been found in Oracle JRE/JDK, allowing both local and remote attackers to compromise various Java components. Please review the CVE identifiers referenced below for details.
Impact
An context-dependent attacker may be able to influence the confidentiality, integrity, and availability of Java applications/runtime.
Workaround
There is no workaround at this time.
Resolution
All Oracle JRE 8 users should upgrade to the latest stable version:
emerge --sync
emerge --ask --oneshot --verbose ">=dev-java/oracle-jre-bin-1.8.0.31
All Oracle JDK 8 users should upgrade to the latest stable version:
emerge --sync
emerge --ask --oneshot --verbose ">=dev-java/oracle-jdk-bin-1.8.0.31
All Oracle JRE 7 users should upgrade to the latest version:
emerge --sync
emerge --ask --oneshot --verbose ">=dev-java/oracle-jre-bin-1.7.0.76
All Oracle JDK 7 users should upgrade to the latest stable version:
emerge --sync
emerge --ask --oneshot --verbose ">=dev-java/oracle-jdk-bin-1.7.0.76
References
[ 1 ] CVE-2014-3566
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3566
[ 2 ] CVE-2014-6549
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6549
[ 3 ] CVE-2014-6585
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6585
[ 4 ] CVE-2014-6587
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6587
[ 5 ] CVE-2014-6591
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6591
[ 6 ] CVE-2014-6593
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6593
[ 7 ] CVE-2014-6601
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6601
[ 8 ] CVE-2015-0383
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0383
[ 9 ] CVE-2015-0395
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0395
[ 10 ] CVE-2015-0400
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0400
[ 11 ] CVE-2015-0403
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0403
[ 12 ] CVE-2015-0406
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0406
[ 13 ] CVE-2015-0407
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0407
[ 14 ] CVE-2015-0408
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0408
[ 15 ] CVE-2015-0410
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0410
[ 16 ] CVE-2015-0412
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0412
[ 17 ] CVE-2015-0413
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0413
[ 18 ] CVE-2015-0421
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0421
Availability
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/201507-14
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
Copyright 2015 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
.
HP CMS: UCMDB Browser all supported versions. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: java-1.7.0-ibm security update
Advisory ID: RHSA-2014:1876-01
Product: Red Hat Enterprise Linux Supplementary
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1876.html
Issue date: 2014-11-19
CVE Names: CVE-2014-3065 CVE-2014-3566 CVE-2014-4288
CVE-2014-6456 CVE-2014-6457 CVE-2014-6458
CVE-2014-6476 CVE-2014-6492 CVE-2014-6493
CVE-2014-6502 CVE-2014-6503 CVE-2014-6506
CVE-2014-6511 CVE-2014-6512 CVE-2014-6515
CVE-2014-6527 CVE-2014-6531 CVE-2014-6532
CVE-2014-6558
=====================================================================
- Summary:
Updated java-1.7.0-ibm packages that fix several security issues are now
available for Red Hat Enterprise Linux 5 Supplementary.
Red Hat Product Security has rated this update as having Critical security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, ppc, s390x, x86_64
- Description:
IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM
Java Software Development Kit.
This update fixes several vulnerabilities in the IBM Java Runtime
Environment and the IBM Java Software Development Kit. Detailed
vulnerability descriptions are linked from the IBM Security alerts
page, listed in the References section. (CVE-2014-3065, CVE-2014-3566,
CVE-2014-4288, CVE-2014-6456, CVE-2014-6457, CVE-2014-6458, CVE-2014-6476,
CVE-2014-6492, CVE-2014-6493, CVE-2014-6502, CVE-2014-6503, CVE-2014-6506,
CVE-2014-6511, CVE-2014-6512, CVE-2014-6515, CVE-2014-6527, CVE-2014-6531,
CVE-2014-6532, CVE-2014-6558)
The CVE-2014-6512 issue was discovered by Florian Weimer of Red Hat
Product Security.
Note: With this update, the IBM SDK now disables the SSL 3.0 protocol to
address the CVE-2014-3566 issue (also known as POODLE). Refer to the IBM
article linked to in the References section for additional details about
this change and instructions on how to re-enable SSL 3.0 support if needed.
All users of java-1.7.0-ibm are advised to upgrade to these updated
packages, containing the IBM Java SE 7 SR8 release. All running instances
of IBM Java must be restarted for the update to take effect.
- Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1071210 - CVE-2014-6512 OpenJDK: DatagramSocket connected socket missing source check (Libraries, 8039509)
1150155 - CVE-2014-6506 OpenJDK: insufficient permission checks when setting resource bundle on system logger (Libraries, 8041564)
1150651 - CVE-2014-6531 OpenJDK: insufficient ResourceBundle name check (Libraries, 8044274)
1150669 - CVE-2014-6502 OpenJDK: LogRecord use of incorrect CL when loading ResourceBundle (Libraries, 8042797)
1151046 - CVE-2014-6457 OpenJDK: Triple Handshake attack against TLS/SSL connections (JSSE, 8037066)
1151063 - CVE-2014-6558 OpenJDK: CipherInputStream incorrect exception handling (Security, 8037846)
1151517 - CVE-2014-6511 ICU: Layout Engine ContextualSubstitution missing boundary checks (JDK 2D, 8041540)
1152756 - CVE-2014-6532 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)
1152757 - CVE-2014-6503 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)
1152758 - CVE-2014-6456 Oracle JDK: unspecified vulnerability fixed in 7u71 and 8u25 (Deployment)
1152759 - CVE-2014-6492 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)
1152760 - CVE-2014-6493 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)
1152761 - CVE-2014-4288 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)
1152763 - CVE-2014-6458 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)
1152765 - CVE-2014-6476 Oracle JDK: unspecified vulnerability fixed in 7u71 and 8u25 (Deployment)
1152766 - CVE-2014-6515 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)
1152767 - CVE-2014-6527 Oracle JDK: unspecified vulnerability fixed in 7u71 and 8u25 (Deployment)
1152789 - CVE-2014-3566 SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack
1162554 - CVE-2014-3065 IBM JDK: privilege escalation via shared class cache
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.i386.rpm
x86_64:
java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
java-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.i386.rpm
ppc:
java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.ppc.rpm
java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.ppc64.rpm
java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.ppc.rpm
java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.ppc64.rpm
java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.ppc.rpm
java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.ppc64.rpm
java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.ppc.rpm
java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.ppc64.rpm
java-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.ppc.rpm
java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.ppc.rpm
java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.ppc64.rpm
s390x:
java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.s390.rpm
java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.s390x.rpm
java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.s390.rpm
java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.s390x.rpm
java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.s390.rpm
java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.s390x.rpm
java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.s390.rpm
java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.s390x.rpm
java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.s390.rpm
java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.s390x.rpm
x86_64:
java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
java-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.i386.rpm
java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2014-3065
https://access.redhat.com/security/cve/CVE-2014-3566
https://access.redhat.com/security/cve/CVE-2014-4288
https://access.redhat.com/security/cve/CVE-2014-6456
https://access.redhat.com/security/cve/CVE-2014-6457
https://access.redhat.com/security/cve/CVE-2014-6458
https://access.redhat.com/security/cve/CVE-2014-6476
https://access.redhat.com/security/cve/CVE-2014-6492
https://access.redhat.com/security/cve/CVE-2014-6493
https://access.redhat.com/security/cve/CVE-2014-6502
https://access.redhat.com/security/cve/CVE-2014-6503
https://access.redhat.com/security/cve/CVE-2014-6506
https://access.redhat.com/security/cve/CVE-2014-6511
https://access.redhat.com/security/cve/CVE-2014-6512
https://access.redhat.com/security/cve/CVE-2014-6515
https://access.redhat.com/security/cve/CVE-2014-6527
https://access.redhat.com/security/cve/CVE-2014-6531
https://access.redhat.com/security/cve/CVE-2014-6532
https://access.redhat.com/security/cve/CVE-2014-6558
https://access.redhat.com/security/updates/classification/#critical
https://www.ibm.com/developerworks/java/jdk/alerts/
https://www-01.ibm.com/support/docview.wss?uid=swg21688165
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQFUbOWGXlSAg2UNWIIRAhPmAJ96YO5JFEg4GS1MkDIeXQkRxbN0hACgoUiY
ehbScogUJnSordhBH11LgWQ=
=ko7F
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
.
ftp://ssl098zc:Secure12@ftp.usa.hp.com
User name: ssl098zc Password: (NOTE: Case sensitive) Secure12
HP-UX Release
HP-UX OpenSSL version
B.11.11 (11i v1)
A.00.09.08zc.001_HP-UX_B.11.11_32+64.depot
B.11.23 (11i v2)
A.00.09.08zc.002_HP-UX_B.11.23_IA-PA.depot
B.11.31 (11i v3)
A.00.09.08zc.003_HP-UX_B.11.31_IA-PA.depot
MANUAL ACTIONS: Yes - Update
Install OpenSSL A.00.09.08zc or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application
that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins
issued by HP and lists recommended actions that may apply to a specific HP-UX
system. It can also download patches and create a depot automatically. For
more information see: https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
The update is available from HPE Software Depot: https://h20392.www2.hpe.com/
portal/swdepot/displayProductInfo.do?productNumber=HPVPRhttps://www.hpe.com
Note: HPE recommends customers using OV4VC 7.8.1 and earlier should upgrade
to OV4VC 7.8.2. This addresses all SSL security vulnerabilities reported
through March 28, 2016. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04496538
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04496538
Version: 1
HPSBGN03164 rev.1 - HP IceWall SSO Dfw, SSO Certd and MCRP running OpenSSL,
Remote Disclosure of Information
NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.
Release Date: 2014-11-10
Last Updated: 2014-11-10
Potential Security Impact: Remote disclosure of information
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
A potential security vulnerability has been identified with HP IceWall SSO
Dfw , SSO Certd, and MCRP running OpenSSL.
This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy
Encryption" or "Poodle", which could be exploited remotely resulting in
disclosure of information..
References: CVE-2014-3566 (SSRT101789)
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
- HP IceWall MCRP v2.1, v3.0
- HP IceWall SSO Dfw v8.0, v8.0 R1, v8.0 R2, v8.0 R3, and v10.0
- HP IceWall SSO Certd v8.0R3 with DB plugin patch 2 and v10.0
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score
CVE-2014-3566 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3
===========================================================
Information on CVSS is documented
in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP recommends the following software updates and workaround instructions to
resolve this vulnerability for HP IceWall SSO Dfw, SSO Certd, and MCRP.
The software updates are available at:
http://www.hp.com/jp/icewall_patchaccess
Notes:
- There are no updates or mitigations for MCRP 2.1 and Dfw
8.0/8.0R1/8.0R2/8.0R3.
- HP recommends updating these older versions to the latest versions and
patches and then following the WORKAROUND INSTRUCTIONS below.
- The WORKAROUND INSTRUCTIONS should be followed after applying the
following updates.
Software Update Versions
HP IceWall MCRP 3.0 Patch release 1
HP IceWall SSO Dfw 10.0 Patch release 7
Note: Both software update versions provide the use of TLSv1 which is not
vulnerable and available for each supported platform.
WORKAROUND INSTRUCTIONS
HP recommends the following information to protect against potential risk
for the following HP IceWall products.
HP IceWall SSO Dfw and MCRP
- If possible, do not use the SHOST setting which allows IceWall SSO
Dfw or MCRP to use SSL/TLS protocol to back-end web servers.
- The following steps should be applied if SSL/TLS protocol to back-end
web servers must be used:
o For MCRP: apply MCRP patch release 1
o For Dfw: apply Dfw patch release 7 or later
o Set SSL_PROTOCOL parameter to TLSv1
HP IceWall SSO Certd
- For Certd version 10.0 and 8.0R3: apply DB plugin patch release 2
- If possible, do not use the LDAPSSL setting which allows IceWall SSO
Certd to connect to the LDAP server using SSL/TLS protocol.
- If SSL/TLS protocol must be used to LDAP server, configure the LDAP
server to use only TLSv1 as a mitigation for the vulnerability. For example,
on an OpenLDAP server (slapd), Set the TLSProtocolMin parameter.
Note: The HP IceWall product is only available in Japan.
HISTORY
Version:1 (rev.1) - 10 November 2014 Initial release
Third Party Security Patches: Third party security patches that are to be
installed on systems running HP software products should be applied in
accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security
Bulletin, contact normal HP Services support channel. For other issues about
the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported
product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin
alerts via Email:
http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is
available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in
the title by the two characters following HPSB.
3C = 3COM
3P = 3rd Party Software
GN = HP General Software
HF = HP Hardware and Firmware
MP = MPE/iX
MU = Multi-Platform Software
NS = NonStop Servers
OV = OpenVMS
PI = Printing and Imaging
PV = ProCurve
ST = Storage Software
TU = Tru64 UNIX
UX = HP-UX
Copyright 2014 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors
or omissions contained herein. The information provided is provided "as is"
without warranty of any kind. To the extent permitted by law, neither HP or
its affiliates, subcontractors or suppliers will be liable for
incidental,special or consequential damages including downtime cost; lost
profits; damages relating to the procurement of substitute products or
services; or damages for loss of data, or software restoration. The
information in this document is subject to change without notice.
Hewlett-Packard Company and the names of Hewlett-Packard products referenced
herein are trademarks of Hewlett-Packard Company in the United States and
other countries. Other product and company names mentioned herein may be
trademarks of their respective owners.
HP SiteScope 11.1x
HP SiteScope 11.2x
Important note: HP SiteScope is impacted if and only if it is configured to
work over secure channel (HTTPS). This protocol is now disabled by default.
For the oldstable distribution (wheezy), this problem has been fixed
in version 1.4.31-4+deb7u4.
We recommend that you upgrade your lighttpd packages
Show details on source website
{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.3"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "suse linux enterprise software development kit",
"scope": "eq",
"trust": 1.0,
"vendor": "novell",
"version": "11.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8u"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8o"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "12.3"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8w"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0d"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1f"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.1.9"
},
{
"_id": null,
"model": "suse linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "novell",
"version": "11.0"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "6.0.5"
},
{
"_id": null,
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "suse linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "novell",
"version": "12.0"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8x"
},
{
"_id": null,
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "21"
},
{
"_id": null,
"model": "enterprise linux desktop supplementary",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8za"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0b"
},
{
"_id": null,
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "19"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0m"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "13.1"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "6.0.1"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8p"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "5.1.2"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.1.0"
},
{
"_id": null,
"model": "database",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "11.2.0.4"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.1.7"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8d"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1b"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "6.0.4"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8z"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "6.1.5"
},
{
"_id": null,
"model": "mac os x",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "10.10.1"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "6.1"
},
{
"_id": null,
"model": "suse linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "novell",
"version": "12.0"
},
{
"_id": null,
"model": "suse linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "novell",
"version": "10.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8v"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "6.1.3"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.0.12"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1h"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.1.3"
},
{
"_id": null,
"model": "mageia",
"scope": "eq",
"trust": 1.0,
"vendor": "mageia",
"version": "3.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0j"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.2.5"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8zb"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1e"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.1.4"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "5.1"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8e"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.0.11"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "6.0.3"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8q"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0f"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0n"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1i"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8f"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.0.10"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "6.0"
},
{
"_id": null,
"model": "suse linux enterprise software development kit",
"scope": "eq",
"trust": 1.0,
"vendor": "novell",
"version": "12.0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.1.5"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.2.3"
},
{
"_id": null,
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "suse linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "novell",
"version": "9.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8g"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8l"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0e"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.3.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8k"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "5.1.4"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "7.0"
},
{
"_id": null,
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8i"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.2.2"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0k"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1d"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.3.2"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "6.0.6"
},
{
"_id": null,
"model": "enterprise linux desktop supplementary",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1c"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8r"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8t"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.2.4"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0g"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8m"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1g"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.0.13"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8n"
},
{
"_id": null,
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8j"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0h"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "6.1.4"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.3.4"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "5.1.3"
},
{
"_id": null,
"model": "suse linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "novell",
"version": "11.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0a"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.3.3"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "5.2.1"
},
{
"_id": null,
"model": "mageia",
"scope": "eq",
"trust": 1.0,
"vendor": "mageia",
"version": "4.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8s"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.2.0"
},
{
"_id": null,
"model": "database",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.1.0.2"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0l"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "5.2"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8h"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8y"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.1.1"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.1.6"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.3.1"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.1.8"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0c"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "6.1.2"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "5.2.2"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "6.1.1"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0i"
},
{
"_id": null,
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "20"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1a"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.2.1"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "5.1.1"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "6.0.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "6.1"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.17"
},
{
"_id": null,
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"_id": null,
"model": "windows vista service pack",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.12"
},
{
"_id": null,
"model": "project openssl 0.9.8f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "fortigate",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.6"
},
{
"_id": null,
"model": "integrated lights out",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "21.16"
},
{
"_id": null,
"model": "project openssl 1.0.0d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment 5.1.fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8.780"
},
{
"_id": null,
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.7"
},
{
"_id": null,
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.11"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"_id": null,
"model": "meeting exchange sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"_id": null,
"model": "project openssl 1.0.0g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1"
},
{
"_id": null,
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.10"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.1"
},
{
"_id": null,
"model": "phaser",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "78000"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.3"
},
{
"_id": null,
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1.0.842"
},
{
"_id": null,
"model": "hat enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "tivoli provisioning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.5"
},
{
"_id": null,
"model": "web interface",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.0"
},
{
"_id": null,
"model": "ace appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "47100"
},
{
"_id": null,
"model": "aura system platform sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "project openssl 0.9.8w",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.15"
},
{
"_id": null,
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.0"
},
{
"_id": null,
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"_id": null,
"model": "wireless location appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "open source",
"scope": "eq",
"trust": 0.3,
"vendor": "asterisk",
"version": "1.8.3.1"
},
{
"_id": null,
"model": "project openssl 0.9.8m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.6"
},
{
"_id": null,
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "meeting exchange sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.37"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0.0.52"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.2"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"_id": null,
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"_id": null,
"model": "tivoli directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.1"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.2"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "websphere process server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.4"
},
{
"_id": null,
"model": "commonstore for lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.7"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "web interface",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "3.0"
},
{
"_id": null,
"model": "project openssl 0.9.8r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "project openssl 0.9.8n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.2"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.0.820"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.5"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"_id": null,
"model": "project openssl beta4",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0"
},
{
"_id": null,
"model": "rational policy tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "websphere lombardi edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"_id": null,
"model": "hat enterprise linux desktop optional",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"_id": null,
"model": "project openssl beta5",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.23"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.13"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.6"
},
{
"_id": null,
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3"
},
{
"_id": null,
"model": "meeting exchange sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "project openssl 0.9.8p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.15"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.1"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.1.830"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.31"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.14"
},
{
"_id": null,
"model": "web experience factory",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "network collector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"_id": null,
"model": "esxi",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"_id": null,
"model": "networks sa2000",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "hat enterprise linux server optional",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.9"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.13"
},
{
"_id": null,
"model": "directory pro",
"scope": "eq",
"trust": 0.3,
"vendor": "cosmicperl",
"version": "10.0.3"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.15"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7.770"
},
{
"_id": null,
"model": "meeting exchange sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.03"
},
{
"_id": null,
"model": "web interface",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.5.1"
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.1.185"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"_id": null,
"model": "project openssl 0.9.8q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.8"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "networks sa6500 fips",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "windows server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.10.800"
},
{
"_id": null,
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-453"
},
{
"_id": null,
"model": "windows server r2 for x64-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0"
},
{
"_id": null,
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.4"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.5"
},
{
"_id": null,
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1"
},
{
"_id": null,
"model": "cics transaction gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.4"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.5"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.17"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8v"
},
{
"_id": null,
"model": "websphere lombardi edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.7"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.27"
},
{
"_id": null,
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "windows server for x64-based systems sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"_id": null,
"model": "project openssl 0.9.8g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.2"
},
{
"_id": null,
"model": "meeting exchange sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2.0.860"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2"
},
{
"_id": null,
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.13"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"_id": null,
"model": "runtimes for java technology",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.19"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"_id": null,
"model": "networks sa6000 fips",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0.840"
},
{
"_id": null,
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.0"
},
{
"_id": null,
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.25"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.5"
},
{
"_id": null,
"model": "aura system manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.116"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"_id": null,
"model": "project openssl 0.9.8l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.740"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.5.2"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.6"
},
{
"_id": null,
"model": "windows server itanium sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"_id": null,
"model": "ediscovery analyzer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.1"
},
{
"_id": null,
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"_id": null,
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.5"
},
{
"_id": null,
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "project openssl 1.0.0i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "web interface",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.0.2"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"_id": null,
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "tivoli directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "web interface",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment intirim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.133"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.1"
},
{
"_id": null,
"model": "network automation",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.10"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.3"
},
{
"_id": null,
"model": "project openssl 1.0.0e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "rational method composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"_id": null,
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "tivoli directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"_id": null,
"model": "sitescope",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"_id": null,
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.2.835"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.35"
},
{
"_id": null,
"model": "hat enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8x"
},
{
"_id": null,
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.4"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.3"
},
{
"_id": null,
"model": "tivoli directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "project openssl 0.9.8t",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.39"
},
{
"_id": null,
"model": "tivoli netcool/omnibus",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.4"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.2"
},
{
"_id": null,
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.6"
},
{
"_id": null,
"model": "hat enterprise linux hpc node optional",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "tivoli netcool performance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.1"
},
{
"_id": null,
"model": "network automation",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.0"
},
{
"_id": null,
"model": "project openssl 1.0.0c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "forticlient",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "2.0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5.760"
},
{
"_id": null,
"model": "web interface",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.6"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "fortigate",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.5"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.4.27"
},
{
"_id": null,
"model": "phaser",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "67000"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.2"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"_id": null,
"model": "project openssl 1.0.0f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "windows for 32-bit systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7"
},
{
"_id": null,
"model": "windows server for itanium-based systems sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"_id": null,
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "windows for x64-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"_id": null,
"model": "tivoli management framework",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.1"
},
{
"_id": null,
"model": "web interface",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.0.1"
},
{
"_id": null,
"model": "windows server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.0.2"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1.730"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"_id": null,
"model": "tivoli provisioning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.0.2"
},
{
"_id": null,
"model": "project openssl 1.0.0j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.0b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.21"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "sitescope",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.10"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.6"
},
{
"_id": null,
"model": "windows server for 32-bit systems sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"_id": null,
"model": "tivoli business service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.1"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.11"
},
{
"_id": null,
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.01"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.2"
},
{
"_id": null,
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "network node manager i",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.03"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.19"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"_id": null,
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"_id": null,
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"_id": null,
"model": "hat enterprise linux hpc node supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3"
},
{
"_id": null,
"model": "web interface",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.3"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.5"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.4"
},
{
"_id": null,
"model": "hat enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "tivoli provisioning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.31"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"_id": null,
"model": "web interface",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "2.0"
},
{
"_id": null,
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.8"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.03"
},
{
"_id": null,
"model": "performance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.00"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.4"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.1"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "5"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"_id": null,
"model": "web experience factory",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.17"
},
{
"_id": null,
"model": "network node manager i",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.02"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.19"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "hat enterprise linux workstation optional",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"_id": null,
"model": "network node manager i",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.00"
},
{
"_id": null,
"model": "cics transaction gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.9"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.3"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.8"
},
{
"_id": null,
"model": "web interface",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.4"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.8"
},
{
"_id": null,
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.3"
},
{
"_id": null,
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.11"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.4"
},
{
"_id": null,
"model": "project openssl 0.9.8o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"_id": null,
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "aura system platform sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"_id": null,
"model": "hat enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "runtimes for java technology",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.9"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
},
{
"_id": null,
"model": "tivoli provisioning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1.1"
},
{
"_id": null,
"model": "hat enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "project openssl 0.9.8s",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1.0.841"
},
{
"_id": null,
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"_id": null,
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"_id": null,
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.7"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"_id": null,
"model": "web interface",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.3"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.4"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.5"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5"
},
{
"_id": null,
"model": "emergency responder",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.021"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"_id": null,
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"_id": null,
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.2"
},
{
"_id": null,
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7.770"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "hat enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"_id": null,
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0"
},
{
"_id": null,
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "asset manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4.750"
},
{
"_id": null,
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.1"
},
{
"_id": null,
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"_id": null,
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"_id": null,
"model": "project openssl 1.0.0a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9.790"
}
],
"sources": [
{
"db": "BID",
"id": "70574"
},
{
"db": "NVD",
"id": "CVE-2014-3566"
}
]
},
"credits": {
"_id": null,
"data": "HP",
"sources": [
{
"db": "PACKETSTORM",
"id": "137294"
},
{
"db": "PACKETSTORM",
"id": "129266"
},
{
"db": "PACKETSTORM",
"id": "130334"
},
{
"db": "PACKETSTORM",
"id": "128921"
},
{
"db": "PACKETSTORM",
"id": "136577"
},
{
"db": "PACKETSTORM",
"id": "129071"
},
{
"db": "PACKETSTORM",
"id": "129065"
}
],
"trust": 0.7
},
"cve": "CVE-2014-3566",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2014-3566",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-71506",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.4,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"exploitabilityScore": 1.6,
"id": "CVE-2014-3566",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-3566",
"trust": 1.0,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-71506",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2014-3566",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71506"
},
{
"db": "VULMON",
"id": "CVE-2014-3566"
},
{
"db": "NVD",
"id": "CVE-2014-3566"
}
]
},
"description": {
"_id": null,
"data": "The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the \"POODLE\" issue. OpenSSL is prone to an information disclosure vulnerability. \nAn attacker can exploit this issue to perform man-in-the-middle attacks and obtain sensitive information. Successful exploits will lead to other attacks. \nThe following versions are vulnerable:\nOpenSSL 0.9.8 prior to 0.9.8zc\nOpenSSL 1.0.0 prior to 1.0.0o\nOpenSSL 1.0.1 prior to 1.0.1j. SSL protocol is the abbreviation of Secure Socket Layer protocol (Secure Socket Layer) developed by Netscape, which provides security and data integrity guarantee for Internet communication. The vulnerability is caused by the program\u0027s use of non-deterministic CBC padding. OpenSSL Security Advisory [15 Oct 2014]\n=======================================\n\nSRTP Memory Leak (CVE-2014-3513)\n================================\n\nSeverity: High\n\nA flaw in the DTLS SRTP extension parsing code allows an attacker, who\nsends a carefully crafted handshake message, to cause OpenSSL to fail\nto free up to 64k of memory causing a memory leak. This could be\nexploited in a Denial Of Service attack. This issue affects OpenSSL\n1.0.1 server implementations for both SSL/TLS and DTLS regardless of\nwhether SRTP is used or configured. Implementations of OpenSSL that\nhave been compiled with OPENSSL_NO_SRTP defined are not affected. \n\nThis issue was reported to OpenSSL on 26th September 2014, based on an original\nissue and patch developed by the LibreSSL project. Further analysis of the issue\nwas performed by the OpenSSL team. \n\nThe fix was developed by the OpenSSL team. \n\n\nSession Ticket Memory Leak (CVE-2014-3567)\n==========================================\n\nSeverity: Medium\n\nWhen an OpenSSL SSL/TLS/DTLS server receives a session ticket the\nintegrity of that ticket is first verified. In the event of a session\nticket integrity check failing, OpenSSL will fail to free memory\ncausing a memory leak. By sending a large number of invalid session\ntickets an attacker could exploit this issue in a Denial Of Service\nattack. \n\nThis issue was reported to OpenSSL on 8th October 2014. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team. \n\n\nSSL 3.0 Fallback protection\n===========================\n\nSeverity: Medium\n\nOpenSSL has added support for TLS_FALLBACK_SCSV to allow applications\nto block the ability for a MITM attacker to force a protocol\ndowngrade. \n\nSome client applications (such as browsers) will reconnect using a\ndowngraded protocol to work around interoperability bugs in older\nservers. This could be exploited by an active man-in-the-middle to\ndowngrade connections to SSL 3.0 even if both sides of the connection\nsupport higher protocols. SSL 3.0 contains a number of weaknesses\nincluding POODLE (CVE-2014-3566). \n\nhttps://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00\nhttps://www.openssl.org/~bodo/ssl-poodle.pdf\n\nSupport for TLS_FALLBACK_SCSV was developed by Adam Langley and Bodo Moeller. \n\n\nBuild option no-ssl3 is incomplete (CVE-2014-3568)\n==================================================\n\nSeverity: Low\n\nWhen OpenSSL is configured with \"no-ssl3\" as a build option, servers\ncould accept and complete a SSL 3.0 handshake, and clients could be\nconfigured to send them. \n\nThis issue was reported to OpenSSL by Akamai Technologies on 14th October 2014. \n\nThe fix was developed by Akamai and the OpenSSL team. \n\n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv_20141015.txt\n\nNote: the online version of the advisory may be updated with additional\ndetails over time. \n\nFor details of OpenSSL severity classifications please see:\nhttps://www.openssl.org/about/secpolicy.html\n\n. \nThe following firmware versions of Virtual Connect (VC) are impacted:\n\nHPE BladeSystem c-Class Virtual Connect (VC) Firmware 4.30 through VC 4.45\nHPE BladeSystem c-Class Virtual Connect (VC) Firmware 3.62 through VC 4.21\n\nNote: Firmware versions 3.62 through 4.21 are not impacted by CVE-2016-0800,\nCVE-2015-3194, CVE-2014-3566, CVE-2015-0705, CVE-2016-0799, and\nCVE-2016-2842. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201507-14\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Oracle JRE/JDK: Multiple vulnerabilities\n Date: July 10, 2015\n Bugs: #537214\n ID: 201507-14\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Oracle JRE/JDK, allowing\nboth local and remote attackers to compromise various Java components. Please\nreview the CVE identifiers referenced below for details. \n\nImpact\n======\n\nAn context-dependent attacker may be able to influence the\nconfidentiality, integrity, and availability of Java\napplications/runtime. \n\nWorkaround\n==========\n\nThere is no workaround at this time. \n\nResolution\n==========\n\nAll Oracle JRE 8 users should upgrade to the latest stable version:\n\u003ccode\u003e\n# emerge --sync\n# emerge --ask --oneshot --verbose \"\u003e=dev-java/oracle-jre-bin-1.8.0.31\n\nAll Oracle JDK 8 users should upgrade to the latest stable version:\n\u003ccode\u003e\n# emerge --sync\n# emerge --ask --oneshot --verbose \"\u003e=dev-java/oracle-jdk-bin-1.8.0.31\n\nAll Oracle JRE 7 users should upgrade to the latest version:\n\u003ccode\u003e\n# emerge --sync\n# emerge --ask --oneshot --verbose \"\u003e=dev-java/oracle-jre-bin-1.7.0.76\n\nAll Oracle JDK 7 users should upgrade to the latest stable version:\n\u003ccode\u003e\n# emerge --sync\n# emerge --ask --oneshot --verbose \"\u003e=dev-java/oracle-jdk-bin-1.7.0.76\n\nReferences\n==========\n\n[ 1 ] CVE-2014-3566\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3566\n[ 2 ] CVE-2014-6549\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6549\n[ 3 ] CVE-2014-6585\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6585\n[ 4 ] CVE-2014-6587\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6587\n[ 5 ] CVE-2014-6591\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6591\n[ 6 ] CVE-2014-6593\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6593\n[ 7 ] CVE-2014-6601\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6601\n[ 8 ] CVE-2015-0383\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0383\n[ 9 ] CVE-2015-0395\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0395\n[ 10 ] CVE-2015-0400\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0400\n[ 11 ] CVE-2015-0403\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0403\n[ 12 ] CVE-2015-0406\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0406\n[ 13 ] CVE-2015-0407\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0407\n[ 14 ] CVE-2015-0408\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0408\n[ 15 ] CVE-2015-0410\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0410\n[ 16 ] CVE-2015-0412\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0412\n[ 17 ] CVE-2015-0413\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0413\n[ 18 ] CVE-2015-0421\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0421\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201507-14\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2015 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. \n\n HP CMS: UCMDB Browser all supported versions. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: java-1.7.0-ibm security update\nAdvisory ID: RHSA-2014:1876-01\nProduct: Red Hat Enterprise Linux Supplementary\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2014-1876.html\nIssue date: 2014-11-19\nCVE Names: CVE-2014-3065 CVE-2014-3566 CVE-2014-4288 \n CVE-2014-6456 CVE-2014-6457 CVE-2014-6458 \n CVE-2014-6476 CVE-2014-6492 CVE-2014-6493 \n CVE-2014-6502 CVE-2014-6503 CVE-2014-6506 \n CVE-2014-6511 CVE-2014-6512 CVE-2014-6515 \n CVE-2014-6527 CVE-2014-6531 CVE-2014-6532 \n CVE-2014-6558 \n=====================================================================\n\n1. Summary:\n\nUpdated java-1.7.0-ibm packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 5 Supplementary. \n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, ppc, s390x, x86_64\n\n3. Description:\n\nIBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM\nJava Software Development Kit. \n\nThis update fixes several vulnerabilities in the IBM Java Runtime\nEnvironment and the IBM Java Software Development Kit. Detailed\nvulnerability descriptions are linked from the IBM Security alerts\npage, listed in the References section. (CVE-2014-3065, CVE-2014-3566,\nCVE-2014-4288, CVE-2014-6456, CVE-2014-6457, CVE-2014-6458, CVE-2014-6476,\nCVE-2014-6492, CVE-2014-6493, CVE-2014-6502, CVE-2014-6503, CVE-2014-6506,\nCVE-2014-6511, CVE-2014-6512, CVE-2014-6515, CVE-2014-6527, CVE-2014-6531,\nCVE-2014-6532, CVE-2014-6558)\n\nThe CVE-2014-6512 issue was discovered by Florian Weimer of Red Hat\nProduct Security. \n\nNote: With this update, the IBM SDK now disables the SSL 3.0 protocol to\naddress the CVE-2014-3566 issue (also known as POODLE). Refer to the IBM\narticle linked to in the References section for additional details about\nthis change and instructions on how to re-enable SSL 3.0 support if needed. \n\nAll users of java-1.7.0-ibm are advised to upgrade to these updated\npackages, containing the IBM Java SE 7 SR8 release. All running instances\nof IBM Java must be restarted for the update to take effect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1071210 - CVE-2014-6512 OpenJDK: DatagramSocket connected socket missing source check (Libraries, 8039509)\n1150155 - CVE-2014-6506 OpenJDK: insufficient permission checks when setting resource bundle on system logger (Libraries, 8041564)\n1150651 - CVE-2014-6531 OpenJDK: insufficient ResourceBundle name check (Libraries, 8044274)\n1150669 - CVE-2014-6502 OpenJDK: LogRecord use of incorrect CL when loading ResourceBundle (Libraries, 8042797)\n1151046 - CVE-2014-6457 OpenJDK: Triple Handshake attack against TLS/SSL connections (JSSE, 8037066)\n1151063 - CVE-2014-6558 OpenJDK: CipherInputStream incorrect exception handling (Security, 8037846)\n1151517 - CVE-2014-6511 ICU: Layout Engine ContextualSubstitution missing boundary checks (JDK 2D, 8041540)\n1152756 - CVE-2014-6532 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)\n1152757 - CVE-2014-6503 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)\n1152758 - CVE-2014-6456 Oracle JDK: unspecified vulnerability fixed in 7u71 and 8u25 (Deployment)\n1152759 - CVE-2014-6492 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)\n1152760 - CVE-2014-6493 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)\n1152761 - CVE-2014-4288 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)\n1152763 - CVE-2014-6458 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)\n1152765 - CVE-2014-6476 Oracle JDK: unspecified vulnerability fixed in 7u71 and 8u25 (Deployment)\n1152766 - CVE-2014-6515 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)\n1152767 - CVE-2014-6527 Oracle JDK: unspecified vulnerability fixed in 7u71 and 8u25 (Deployment)\n1152789 - CVE-2014-3566 SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack\n1162554 - CVE-2014-3065 IBM JDK: privilege escalation via shared class cache\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\njava-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.i386.rpm\n\nx86_64:\njava-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\njava-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\njava-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\njava-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\njava-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\njava-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\njava-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.i386.rpm\n\nppc:\njava-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.ppc.rpm\njava-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.ppc64.rpm\njava-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.ppc.rpm\njava-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.ppc64.rpm\njava-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.ppc.rpm\njava-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.ppc64.rpm\njava-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.ppc.rpm\njava-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.ppc64.rpm\njava-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.ppc.rpm\njava-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.ppc.rpm\njava-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.ppc64.rpm\n\ns390x:\njava-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.s390.rpm\njava-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.s390x.rpm\njava-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.s390.rpm\njava-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.s390x.rpm\njava-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.s390.rpm\njava-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.s390x.rpm\njava-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.s390.rpm\njava-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.s390x.rpm\njava-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.s390.rpm\njava-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.s390x.rpm\n\nx86_64:\njava-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\njava-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\njava-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\njava-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\njava-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\njava-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2014-3065\nhttps://access.redhat.com/security/cve/CVE-2014-3566\nhttps://access.redhat.com/security/cve/CVE-2014-4288\nhttps://access.redhat.com/security/cve/CVE-2014-6456\nhttps://access.redhat.com/security/cve/CVE-2014-6457\nhttps://access.redhat.com/security/cve/CVE-2014-6458\nhttps://access.redhat.com/security/cve/CVE-2014-6476\nhttps://access.redhat.com/security/cve/CVE-2014-6492\nhttps://access.redhat.com/security/cve/CVE-2014-6493\nhttps://access.redhat.com/security/cve/CVE-2014-6502\nhttps://access.redhat.com/security/cve/CVE-2014-6503\nhttps://access.redhat.com/security/cve/CVE-2014-6506\nhttps://access.redhat.com/security/cve/CVE-2014-6511\nhttps://access.redhat.com/security/cve/CVE-2014-6512\nhttps://access.redhat.com/security/cve/CVE-2014-6515\nhttps://access.redhat.com/security/cve/CVE-2014-6527\nhttps://access.redhat.com/security/cve/CVE-2014-6531\nhttps://access.redhat.com/security/cve/CVE-2014-6532\nhttps://access.redhat.com/security/cve/CVE-2014-6558\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://www.ibm.com/developerworks/java/jdk/alerts/\nhttps://www-01.ibm.com/support/docview.wss?uid=swg21688165\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2014 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFUbOWGXlSAg2UNWIIRAhPmAJ96YO5JFEg4GS1MkDIeXQkRxbN0hACgoUiY\nehbScogUJnSordhBH11LgWQ=\n=ko7F\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nftp://ssl098zc:Secure12@ftp.usa.hp.com\n\nUser name: ssl098zc Password: (NOTE: Case sensitive) Secure12\n\nHP-UX Release\n HP-UX OpenSSL version\n\nB.11.11 (11i v1)\n A.00.09.08zc.001_HP-UX_B.11.11_32+64.depot\n\nB.11.23 (11i v2)\n A.00.09.08zc.002_HP-UX_B.11.23_IA-PA.depot\n\nB.11.31 (11i v3)\n A.00.09.08zc.003_HP-UX_B.11.31_IA-PA.depot\n\nMANUAL ACTIONS: Yes - Update\n\nInstall OpenSSL A.00.09.08zc or subsequent\n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application\nthat replaces HP-UX Security Patch Check. It analyzes all Security Bulletins\nissued by HP and lists recommended actions that may apply to a specific HP-UX\nsystem. It can also download patches and create a depot automatically. For\nmore information see: https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant. \n\nThe update is available from HPE Software Depot: https://h20392.www2.hpe.com/\nportal/swdepot/displayProductInfo.do?productNumber=HPVPRhttps://www.hpe.com\n\nNote: HPE recommends customers using OV4VC 7.8.1 and earlier should upgrade\nto OV4VC 7.8.2. This addresses all SSL security vulnerabilities reported\nthrough March 28, 2016. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c04496538\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c04496538\nVersion: 1\n\nHPSBGN03164 rev.1 - HP IceWall SSO Dfw, SSO Certd and MCRP running OpenSSL,\nRemote Disclosure of Information\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2014-11-10\nLast Updated: 2014-11-10\n\nPotential Security Impact: Remote disclosure of information\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nA potential security vulnerability has been identified with HP IceWall SSO\nDfw , SSO Certd, and MCRP running OpenSSL. \n\nThis is the SSLv3 vulnerability known as \"Padding Oracle on Downgraded Legacy\nEncryption\" or \"Poodle\", which could be exploited remotely resulting in\ndisclosure of information.. \n\nReferences: CVE-2014-3566 (SSRT101789)\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\n - HP IceWall MCRP v2.1, v3.0\n - HP IceWall SSO Dfw v8.0, v8.0 R1, v8.0 R2, v8.0 R3, and v10.0\n - HP IceWall SSO Certd v8.0R3 with DB plugin patch 2 and v10.0\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2014-3566 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP recommends the following software updates and workaround instructions to\nresolve this vulnerability for HP IceWall SSO Dfw, SSO Certd, and MCRP. \n\n The software updates are available at:\n\n http://www.hp.com/jp/icewall_patchaccess\n\n Notes:\n\n - There are no updates or mitigations for MCRP 2.1 and Dfw\n8.0/8.0R1/8.0R2/8.0R3. \n - HP recommends updating these older versions to the latest versions and\npatches and then following the WORKAROUND INSTRUCTIONS below. \n - The WORKAROUND INSTRUCTIONS should be followed after applying the\nfollowing updates. \n\n Software Update Versions\n\n HP IceWall MCRP 3.0 Patch release 1\n\n HP IceWall SSO Dfw 10.0 Patch release 7\n\n Note: Both software update versions provide the use of TLSv1 which is not\nvulnerable and available for each supported platform. \n\nWORKAROUND INSTRUCTIONS\n\n HP recommends the following information to protect against potential risk\nfor the following HP IceWall products. \n\n HP IceWall SSO Dfw and MCRP\n\n - If possible, do not use the SHOST setting which allows IceWall SSO\nDfw or MCRP to use SSL/TLS protocol to back-end web servers. \n\n - The following steps should be applied if SSL/TLS protocol to back-end\nweb servers must be used:\n\n o For MCRP: apply MCRP patch release 1\n o For Dfw: apply Dfw patch release 7 or later\n o Set SSL_PROTOCOL parameter to TLSv1\n\n HP IceWall SSO Certd\n\n - For Certd version 10.0 and 8.0R3: apply DB plugin patch release 2\n\n - If possible, do not use the LDAPSSL setting which allows IceWall SSO\nCertd to connect to the LDAP server using SSL/TLS protocol. \n\n - If SSL/TLS protocol must be used to LDAP server, configure the LDAP\nserver to use only TLSv1 as a mitigation for the vulnerability. For example,\non an OpenLDAP server (slapd), Set the TLSProtocolMin parameter. \n\nNote: The HP IceWall product is only available in Japan. \n\nHISTORY\nVersion:1 (rev.1) - 10 November 2014 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2014 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. \n\nHP SiteScope 11.1x\nHP SiteScope 11.2x\n\nImportant note: HP SiteScope is impacted if and only if it is configured to\nwork over secure channel (HTTPS). This protocol is now disabled by default. \n\nFor the oldstable distribution (wheezy), this problem has been fixed\nin version 1.4.31-4+deb7u4. \n\nWe recommend that you upgrade your lighttpd packages",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-3566"
},
{
"db": "BID",
"id": "70574"
},
{
"db": "VULHUB",
"id": "VHN-71506"
},
{
"db": "VULMON",
"id": "CVE-2014-3566"
},
{
"db": "PACKETSTORM",
"id": "169664"
},
{
"db": "PACKETSTORM",
"id": "137294"
},
{
"db": "PACKETSTORM",
"id": "132641"
},
{
"db": "PACKETSTORM",
"id": "129266"
},
{
"db": "PACKETSTORM",
"id": "129178"
},
{
"db": "PACKETSTORM",
"id": "130334"
},
{
"db": "PACKETSTORM",
"id": "128921"
},
{
"db": "PACKETSTORM",
"id": "136577"
},
{
"db": "PACKETSTORM",
"id": "129071"
},
{
"db": "PACKETSTORM",
"id": "129065"
},
{
"db": "PACKETSTORM",
"id": "135908"
}
],
"trust": 2.34
},
"exploit_availability": {
"_id": null,
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-71506",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71506"
}
]
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2014-3566",
"trust": 2.6
},
{
"db": "BID",
"id": "70574",
"trust": 1.4
},
{
"db": "ICS CERT",
"id": "ICSMA-18-058-02",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61130",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61995",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "60792",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61019",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61316",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61827",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61782",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "60056",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61810",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61819",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61825",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "60206",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61303",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61359",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61345",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59627",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "60859",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61926",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031120",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031106",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031124",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031091",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031095",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031088",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031093",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031105",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031094",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031087",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031090",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031107",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031132",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031085",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031039",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031096",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031131",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031029",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031123",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031086",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031130",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031092",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031089",
"trust": 1.1
},
{
"db": "USCERT",
"id": "TA14-290A",
"trust": 1.1
},
{
"db": "MCAFEE",
"id": "SB10091",
"trust": 1.1
},
{
"db": "MCAFEE",
"id": "SB10104",
"trust": 1.1
},
{
"db": "MCAFEE",
"id": "SB10090",
"trust": 1.1
},
{
"db": "CERT/CC",
"id": "VU#577193",
"trust": 1.1
},
{
"db": "JUNIPER",
"id": "JSA10705",
"trust": 1.1
},
{
"db": "PACKETSTORM",
"id": "128921",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "129065",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "129266",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "132641",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "136577",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "130334",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "129071",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "135908",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "131009",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130184",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131051",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128838",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130217",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130296",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129150",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132084",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132573",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131354",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128969",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132469",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128669",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128866",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129265",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129217",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136599",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133640",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129263",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129614",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130759",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131011",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "139063",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128863",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130332",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128730",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130298",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131690",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128770",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130125",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128732",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128733",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130816",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129528",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130052",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129294",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132470",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133836",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129242",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129401",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130304",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130549",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129427",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130085",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131008",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "137652",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130046",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130086",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128769",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130141",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131535",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130181",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133368",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132942",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130070",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129318",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132965",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131790",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130818",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130817",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128771",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130050",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133600",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130072",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129120",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129426",
"trust": 0.1
},
{
"db": "CNNVD",
"id": "CNNVD-201410-267",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-92692",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-71506",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2014-3566",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169664",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "137294",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129178",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71506"
},
{
"db": "VULMON",
"id": "CVE-2014-3566"
},
{
"db": "BID",
"id": "70574"
},
{
"db": "PACKETSTORM",
"id": "169664"
},
{
"db": "PACKETSTORM",
"id": "137294"
},
{
"db": "PACKETSTORM",
"id": "132641"
},
{
"db": "PACKETSTORM",
"id": "129266"
},
{
"db": "PACKETSTORM",
"id": "129178"
},
{
"db": "PACKETSTORM",
"id": "130334"
},
{
"db": "PACKETSTORM",
"id": "128921"
},
{
"db": "PACKETSTORM",
"id": "136577"
},
{
"db": "PACKETSTORM",
"id": "129071"
},
{
"db": "PACKETSTORM",
"id": "129065"
},
{
"db": "PACKETSTORM",
"id": "135908"
},
{
"db": "NVD",
"id": "CVE-2014-3566"
}
]
},
"id": "VAR-201410-1418",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-71506"
}
],
"trust": 0.5931986333333333
},
"last_update_date": "2026-04-10T23:34:59.740000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Debian Security Advisories: DSA-3489-1 lighttpd -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=dcb828f6dad683ea0da76b6c62cde0ea"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBPI03360 rev.5 - HP LaserJet Printers and MFPs, HP OfficeJet Printers and MFPs, and HP JetDirect Networking cards using OpenSSL, Remote Disclosure of Information",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=4545b8bd124b33fa1434a34c59003fd5"
},
{
"title": "HP: HPSBPI03360 rev.5 - HP LaserJet Printers and MFPs, HP OfficeJet Printers and MFPs, and HP JetDirect Networking cards using OpenSSL, Remote Disclosure of Information",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=HPSBPI03360"
},
{
"title": "Debian CVElist Bug Report Logs: Not possible to disable SSLv3",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=cd46735759deed658e1e15bd89794f91"
},
{
"title": "Amazon Linux AMI: ALAS-2014-426",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2014-426"
},
{
"title": "Red Hat: CVE-2014-3566",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2014-3566"
},
{
"title": "Amazon Linux AMI: ALAS-2014-429",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2014-429"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBPI03360 rev.5 - HP LaserJet Printers and MFPs, HP OfficeJet Printers and MFPs, and HP JetDirect Networking cards using OpenSSL, Remote Disclosure of Information",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=9e10ca91834a4f14416f4e75e776c6b6"
},
{
"title": "Red Hat: Important: java-1.6.0-openjdk security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20150085 - Security Advisory"
},
{
"title": "Red Hat: Critical: java-1.7.0-openjdk security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20150067 - Security Advisory"
},
{
"title": "Debian Security Advisories: DSA-3253-1 pound -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=ad76a2fc91623114f1aaa478b7ecbe12"
},
{
"title": "Red Hat: Important: java-1.7.0-openjdk security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20150068 - Security Advisory"
},
{
"title": "Red Hat: Important: java-1.8.0-openjdk security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20150069 - Security Advisory"
},
{
"title": "Red Hat: Critical: java-1.7.0-oracle security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20150079 - Security Advisory"
},
{
"title": "Red Hat: Important: java-1.6.0-sun security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20150086 - Security Advisory"
},
{
"title": "Debian Security Advisories: DSA-3053-1 openssl -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=89bdef3607a7448566a930eca0e94cb3"
},
{
"title": "Symantec Security Advisories: SA83 : SSL v3 Poodle Attack",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=3703d1b5dc42da47d311d20afe00de22"
},
{
"title": "Red Hat: Critical: java-1.8.0-oracle security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20150080 - Security Advisory"
},
{
"title": "Cisco: SSL-TLS Implementations Cipher Block Chaining Padding Information Disclosure Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=Cisco-SA-20141211-CVE-2014-8730"
},
{
"title": "Debian CVElist Bug Report Logs: asterisk: CVE-2014-9374",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=5ec9c01ff2551bc64f61573dcb290621"
},
{
"title": "Citrix Security Bulletins: CVE-2014-3566 - Citrix Security Advisory for SSLv3 Protocol Flaw",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=510bf83b7458a7704870eecdfadf5704"
},
{
"title": "Debian CVElist Bug Report Logs: CVE-2014-8418 CVE-2014-8412 CVE-2014-8414 CVE-2014-8417",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=ea75db152315222e9fc0490c8b65fb98"
},
{
"title": "Tenable Security Advisories: [R6] SSLv3 Protocol Vulnerability Affects Tenable Products (POODLE)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=TNS-2014-09"
},
{
"title": "Ubuntu Security Notice: openjdk-7 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2487-1"
},
{
"title": "Debian Security Advisories: DSA-3144-1 openjdk-7 -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=d750da8121d006282839ec576885794b"
},
{
"title": "Red Hat: Low: Red Hat Satellite IBM Java Runtime security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20150264 - Security Advisory"
},
{
"title": "Debian Security Advisories: DSA-3147-1 openjdk-6 -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=f0587b999035ec3e03b0795bc92b0a31"
},
{
"title": "Ubuntu Security Notice: openjdk-6 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2486-1"
},
{
"title": "Amazon Linux AMI: ALAS-2015-480",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2015-480"
},
{
"title": "Amazon Linux AMI: ALAS-2015-471",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2015-471"
},
{
"title": "Huawei Security Advisories: Huawei PSIRT: Technical Analysis Report Regarding Finite State Supply Chain Assessment",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=huawei_security_advisories\u0026qid=73885f997edba4cefdd6ba9030e87bdc"
},
{
"title": "mangy-beast",
"trust": 0.1,
"url": "https://github.com/ashmastaflash/mangy-beast "
},
{
"title": "BASH_froggPoodler",
"trust": 0.1,
"url": "https://github.com/FroggDev/BASH_froggPoodler "
},
{
"title": "lacework-kaholo-autoremediation",
"trust": 0.1,
"url": "https://github.com/automatecloud/lacework-kaholo-autoremediation "
},
{
"title": "bouncer",
"trust": 0.1,
"url": "https://github.com/ggrandes/bouncer "
},
{
"title": "voipnowpatches",
"trust": 0.1,
"url": "https://github.com/4psa/voipnowpatches "
},
{
"title": "ric13351",
"trust": 0.1,
"url": "https://github.com/bjayesh/ric13351 "
},
{
"title": "squeeze-lighttpd-poodle",
"trust": 0.1,
"url": "https://github.com/matjohns/squeeze-lighttpd-poodle "
},
{
"title": "poodle_check",
"trust": 0.1,
"url": "https://github.com/rameezts/poodle_check "
},
{
"title": "poodle_protector",
"trust": 0.1,
"url": "https://github.com/stdevel/poodle_protector "
},
{
"title": "bouncer",
"trust": 0.1,
"url": "https://github.com/TechPorter20/bouncer "
},
{
"title": "aws_poodle_fix",
"trust": 0.1,
"url": "https://github.com/rvaralda/aws_poodle_fix "
},
{
"title": "dnsmanagerpatches",
"trust": 0.1,
"url": "https://github.com/4psa/dnsmanagerpatches "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Wanderwille/13.01 "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-3566"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-310",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71506"
},
{
"db": "NVD",
"id": "CVE-2014-3566"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 1.2,
"url": "https://security.gentoo.org/glsa/201507-14"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2014-1876.html"
},
{
"trust": 1.2,
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21688165"
},
{
"trust": 1.2,
"url": "https://www.openssl.org/news/secadv_20141015.txt"
},
{
"trust": 1.2,
"url": "https://www.openssl.org/~bodo/ssl-poodle.pdf"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031029"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031039"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031085"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031086"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031087"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031088"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031089"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031090"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031091"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031092"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031093"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031094"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031095"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031096"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031105"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031106"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031107"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031120"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031123"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031124"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031130"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031131"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031132"
},
{
"trust": 1.1,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20141015-poodle"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59627"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/60056"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/60206"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/60792"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/60859"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61019"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61130"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61303"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61316"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61345"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61359"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61782"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61810"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61819"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61825"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61827"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61926"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61995"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/70574"
},
{
"trust": 1.1,
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
},
{
"trust": 1.1,
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/533724/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/533747"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/533746"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce/2015/jan/msg00003.html"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce/2015/sep/msg00002.html"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2014/dsa-3053"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2015/dsa-3144"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2015/dsa-3147"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2015/dsa-3253"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2016/dsa-3489"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-november/142330.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-october/141158.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-october/141114.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-october/169374.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-october/169361.html"
},
{
"trust": 1.1,
"url": "https://security.gentoo.org/glsa/201606-11"
},
{
"trust": 1.1,
"url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04583581"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2014:203"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:062"
},
{
"trust": 1.1,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2014-015.txt.asc"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2014-1652.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2014-1653.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2014-1692.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2014-1877.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2014-1880.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2014-1881.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2014-1882.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2014-1920.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2014-1948.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-0068.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-0079.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-0080.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-0085.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-0086.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-0264.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-0698.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1545.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1546.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html"
},
{
"trust": 1.1,
"url": "http://www.us-cert.gov/ncas/alerts/ta14-290a"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-2486-1"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-2487-1"
},
{
"trust": 1.1,
"url": "http://www.kb.cert.org/vuls/id/577193"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3ccommits.cxf.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3ccommits.cxf.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3ccommits.cxf.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3ccommits.cxf.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3ccommits.cxf.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3ccommits.cxf.apache.org%3e"
},
{
"trust": 1.1,
"url": "http://advisories.mageia.org/mgasa-2014-0416.html"
},
{
"trust": 1.1,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc"
},
{
"trust": 1.1,
"url": "http://askubuntu.com/questions/537196/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566"
},
{
"trust": 1.1,
"url": "http://blog.cryptographyengineering.com/2014/10/attack-of-week-poodle.html"
},
{
"trust": 1.1,
"url": "http://blog.nodejs.org/2014/10/23/node-v0-10-33-stable/"
},
{
"trust": 1.1,
"url": "http://blogs.technet.com/b/msrc/archive/2014/10/14/security-advisory-3009008-released.aspx"
},
{
"trust": 1.1,
"url": "http://docs.ipswitch.com/moveit/dmz82/releasenotes/moveitreleasenotes82.pdf"
},
{
"trust": 1.1,
"url": "http://downloads.asterisk.org/pub/security/ast-2014-011.html"
},
{
"trust": 1.1,
"url": "http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html"
},
{
"trust": 1.1,
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04779034"
},
{
"trust": 1.1,
"url": "http://people.canonical.com/~ubuntu-security/cve/2014/cve-2014-3566.html"
},
{
"trust": 1.1,
"url": "http://support.apple.com/ht204244"
},
{
"trust": 1.1,
"url": "http://support.citrix.com/article/ctx200238"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1021431"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1021439"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686997"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687172"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687611"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21692299"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/security/advisories/vmsa-2015-0003.html"
},
{
"trust": 1.1,
"url": "http://www.websense.com/support/article/kbarticle/vulnerabilities-resolved-in-triton-apx-version-8-0"
},
{
"trust": 1.1,
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-405500.htm"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/articles/1232123"
},
{
"trust": 1.1,
"url": "https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/"
},
{
"trust": 1.1,
"url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6"
},
{
"trust": 1.1,
"url": "https://bto.bluecoat.com/security-advisory/sa83"
},
{
"trust": 1.1,
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1076983"
},
{
"trust": 1.1,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1152789"
},
{
"trust": 1.1,
"url": "https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-big-ip"
},
{
"trust": 1.1,
"url": "https://github.com/mpgn/poodle-poc"
},
{
"trust": 1.1,
"url": "https://groups.google.com/forum/#%21topic/docker-user/oym0i3xshju"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04819635"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05068681"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05157667"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05301946"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-18-058-02"
},
{
"trust": 1.1,
"url": "https://puppet.com/security/cve/poodle-sslv3-vulnerability"
},
{
"trust": 1.1,
"url": "https://security.netapp.com/advisory/ntap-20141015-0001/"
},
{
"trust": 1.1,
"url": "https://support.apple.com/ht205217"
},
{
"trust": 1.1,
"url": "https://support.apple.com/kb/ht6527"
},
{
"trust": 1.1,
"url": "https://support.apple.com/kb/ht6529"
},
{
"trust": 1.1,
"url": "https://support.apple.com/kb/ht6531"
},
{
"trust": 1.1,
"url": "https://support.apple.com/kb/ht6535"
},
{
"trust": 1.1,
"url": "https://support.apple.com/kb/ht6536"
},
{
"trust": 1.1,
"url": "https://support.apple.com/kb/ht6541"
},
{
"trust": 1.1,
"url": "https://support.apple.com/kb/ht6542"
},
{
"trust": 1.1,
"url": "https://support.citrix.com/article/ctx216642"
},
{
"trust": 1.1,
"url": "https://support.lenovo.com/product_security/poodle"
},
{
"trust": 1.1,
"url": "https://support.lenovo.com/us/en/product_security/poodle"
},
{
"trust": 1.1,
"url": "https://technet.microsoft.com/library/security/3009008.aspx"
},
{
"trust": 1.1,
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1015-security-advisory-7"
},
{
"trust": 1.1,
"url": "https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html"
},
{
"trust": 1.1,
"url": "https://www.dfranke.us/posts/2014-10-14-how-poodle-happened.html"
},
{
"trust": 1.1,
"url": "https://www.elastic.co/blog/logstash-1-4-3-released"
},
{
"trust": 1.1,
"url": "https://www.imperialviolet.org/2014/10/14/poodle.html"
},
{
"trust": 1.1,
"url": "https://www.suse.com/support/kb/doc.php?id=7015773"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
},
{
"trust": 1.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3566"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141628688425177\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141879378918327\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142624719706349\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141697638231025\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=143558192010071\u0026w=2"
},
{
"trust": 1.0,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10104"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142804214608580\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142103967620673\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142624590206005\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142721830231196\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142607790919348\u0026w=2"
},
{
"trust": 1.0,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10091"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142350298616097\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142357976805598\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141703183219781\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141577087123040\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=143039249603103\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141813976718456\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141576815022399\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=openssl-dev\u0026m=141333049205629\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141450973807288\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141775427104070\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=143290437727362\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141715130023061\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142350196615714\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=145983526810210\u0026w=2"
},
{
"trust": 1.0,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10090"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142296755107581\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=143558137709884\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=143290583027876\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141814011518700\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142791032306609\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141694355519663\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141477196830952\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142350743917559\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141697676231104\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141577350823734\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142624679706236\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=144101915224472\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142624619906067"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=143101048219218\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=144294141001552\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=144251162130364\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141620103726640\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142721887231400\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141450452204552\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142962817202793\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142354438527235\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142740155824959\u0026w=2"
},
{
"trust": 1.0,
"url": "https://templatelab.com/ssl-poodle/"
},
{
"trust": 1.0,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10705"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142624619906067\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=143628269912142\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=143290522027658\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=143290371927178\u0026w=2"
},
{
"trust": 0.5,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.5,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.5,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3567"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3568"
},
{
"trust": 0.2,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_n"
},
{
"trust": 0.2,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0800"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2842"
},
{
"trust": 0.2,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0799"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141577350823734\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141576815022399\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141620103726640\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141697638231025\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141703183219781\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141697676231104\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141775427104070\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141814011518700\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141715130023061\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141813976718456\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142118135300698\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142296755107581\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142354438527235\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142350743917559\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142350196615714\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142350298616097\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142357976805598\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142962817202793\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143290371927178\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=144294141001552\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=145983526810210\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141450973807288\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142721887231400\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142660345230545\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142804214608580\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141450452204552\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141628688425177\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141577087123040\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141694355519663\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141879378918327\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143290583027876\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143628269912142\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143039249603103\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142624619906067\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142495837901899\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143290522027658\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142624719706349\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143290437727362\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142624590206005\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142624679706236\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142740155824959\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142721830231196\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142791032306609\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=144101915224472\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142103967620673\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143558137709884\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143558192010071\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142805027510172\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142546741516006\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=144251162130364\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141477196830952\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143101048219218\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142496355704097\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142624619906067"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142607790919348\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=openssl-dev\u0026amp;m=141333049205629\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026amp;id=jsa10705"
},
{
"trust": 0.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026amp;id=sb10090"
},
{
"trust": 0.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026amp;id=sb10091"
},
{
"trust": 0.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026amp;id=sb10104"
},
{
"trust": 0.1,
"url": "https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/about/secpolicy.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3513"
},
{
"trust": 0.1,
"url": "http://h20564.www2.hpe.com/hpsc/swd/public"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0705"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-5161"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1789"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1791"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0412"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-6549"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0403"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0395"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0407"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0406"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0383"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6585"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6549"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0413"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6601"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6591"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-6585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-6591"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-6593"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0421"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-6587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0406"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0410"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3566"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-6601"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0403"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0408"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0412"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0413"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0410"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0408"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0400"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0400"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0407"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0421"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0383"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0395"
},
{
"trust": 0.1,
"url": "https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facets"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6531"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6532"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6511"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6558"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6457"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3065"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6493"
},
{
"trust": 0.1,
"url": "https://www.ibm.com/developerworks/java/jdk/alerts/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-4288"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6503"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4288"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6532"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6457"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6512"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6531"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-3566"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6511"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-3065"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6458"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6527"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6502"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6493"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6503"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6492"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6502"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6476"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6506"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6558"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6476"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6515"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6506"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6456"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6515"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6456"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6527"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6458"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6492"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6512"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0705"
},
{
"trust": 0.1,
"url": "https://www.hpe.com"
},
{
"trust": 0.1,
"url": "https://h20392.www2.hpe.com/"
},
{
"trust": 0.1,
"url": "http://www.hp.com/jp/icewall_patchaccess"
},
{
"trust": 0.1,
"url": "https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetsea"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71506"
},
{
"db": "PACKETSTORM",
"id": "169664"
},
{
"db": "PACKETSTORM",
"id": "137294"
},
{
"db": "PACKETSTORM",
"id": "132641"
},
{
"db": "PACKETSTORM",
"id": "129266"
},
{
"db": "PACKETSTORM",
"id": "129178"
},
{
"db": "PACKETSTORM",
"id": "130334"
},
{
"db": "PACKETSTORM",
"id": "128921"
},
{
"db": "PACKETSTORM",
"id": "136577"
},
{
"db": "PACKETSTORM",
"id": "129071"
},
{
"db": "PACKETSTORM",
"id": "129065"
},
{
"db": "PACKETSTORM",
"id": "135908"
},
{
"db": "NVD",
"id": "CVE-2014-3566"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULHUB",
"id": "VHN-71506",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2014-3566",
"ident": null
},
{
"db": "BID",
"id": "70574",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "169664",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "137294",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132641",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "129266",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "129178",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "130334",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "128921",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "136577",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "129071",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "129065",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "135908",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2014-3566",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2014-10-15T00:00:00",
"db": "VULHUB",
"id": "VHN-71506",
"ident": null
},
{
"date": "2014-10-15T00:00:00",
"db": "VULMON",
"id": "CVE-2014-3566",
"ident": null
},
{
"date": "2014-10-14T00:00:00",
"db": "BID",
"id": "70574",
"ident": null
},
{
"date": "2014-10-15T12:12:12",
"db": "PACKETSTORM",
"id": "169664",
"ident": null
},
{
"date": "2016-06-02T16:22:00",
"db": "PACKETSTORM",
"id": "137294",
"ident": null
},
{
"date": "2015-07-10T15:43:42",
"db": "PACKETSTORM",
"id": "132641",
"ident": null
},
{
"date": "2014-11-26T15:08:22",
"db": "PACKETSTORM",
"id": "129266",
"ident": null
},
{
"date": "2014-11-20T16:18:57",
"db": "PACKETSTORM",
"id": "129178",
"ident": null
},
{
"date": "2015-02-10T17:43:07",
"db": "PACKETSTORM",
"id": "130334",
"ident": null
},
{
"date": "2014-10-31T23:08:29",
"db": "PACKETSTORM",
"id": "128921",
"ident": null
},
{
"date": "2016-04-06T13:28:14",
"db": "PACKETSTORM",
"id": "136577",
"ident": null
},
{
"date": "2014-11-12T18:14:00",
"db": "PACKETSTORM",
"id": "129071",
"ident": null
},
{
"date": "2014-11-12T18:13:12",
"db": "PACKETSTORM",
"id": "129065",
"ident": null
},
{
"date": "2016-02-24T23:59:00",
"db": "PACKETSTORM",
"id": "135908",
"ident": null
},
{
"date": "2014-10-15T00:55:02.137000",
"db": "NVD",
"id": "CVE-2014-3566",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2023-02-13T00:00:00",
"db": "VULHUB",
"id": "VHN-71506",
"ident": null
},
{
"date": "2023-09-12T00:00:00",
"db": "VULMON",
"id": "CVE-2014-3566",
"ident": null
},
{
"date": "2015-11-03T18:53:00",
"db": "BID",
"id": "70574",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2014-3566",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "network",
"sources": [
{
"db": "BID",
"id": "70574"
}
],
"trust": 0.3
},
"title": {
"_id": null,
"data": "OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability",
"sources": [
{
"db": "BID",
"id": "70574"
}
],
"trust": 0.3
},
"type": {
"_id": null,
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "70574"
}
],
"trust": 0.3
}
}
VAR-201710-1433
Vulnerability from variot - Updated: 2026-04-10 23:34Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response. Dnsmasq versions 2.77 and earlier contains multiple vulnerabilities. dnsmasq Exists in a buffer error vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state.
Ubuntu Security Notice USN-3430-3 January 04, 2018
dnsmasq regression
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 ESM
Summary:
USN-3430-2 introduced regression in Dnsmasq.
Software Description: - dnsmasq: Small caching DNS proxy and DHCP/TFTP server
Details:
USN-3430-2 fixed several vulnerabilities. The update introduced a new regression that breaks DNS resolution. This update addresses the problem.
We apologize for the inconvenience.
Original advisory details:
Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DNS requests. (CVE-2017-14491)
Felix Wilhelm, Fermin J. (CVE-2017-14492)
Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DHCPv6 requests. (CVE-2017-14493)
Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DHCPv6 packets. (CVE-2017-14494)
Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DNS requests. A remote attacker could use this issue to cause Dnsmasq to consume memory, resulting in a denial of service. (CVE-2017-14495)
Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DNS requests. (CVE-2017-14496)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 ESM: dnsmasq=C2=A02.59-4ubuntu0.4 dnsmasq-base2.59-4ubuntu0.4 dnsmasq-utils2.59-4ubuntu0.4
After a standard system update you need to reboot your computer to make all the necessary changes. 7.3) - ppc64, ppc64le, s390x, x86_64
-
This issue only affected configurations using one of these options: enable-ra, ra-only, slaac, ra-names, ra-advrouter, or ra-stateless. (CVE-2017-14493)
-
An information leak was found in dnsmasq in the DHCPv6 relay code. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: dnsmasq security update Advisory ID: RHSA-2017:2839-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2017:2839 Issue date: 2017-10-02 CVE Names: CVE-2017-14491 =====================================================================
- Summary:
An update for dnsmasq is now available for Red Hat Enterprise Linux 6.2 Advanced Update Support, Red Hat Enterprise Linux 6.4 Advanced Update Support, Red Hat Enterprise Linux 6.5 Advanced Update Support, Red Hat Enterprise Linux 6.5 Telco Extended Update Support, Red Hat Enterprise Linux 6.6 Advanced Update Support, Red Hat Enterprise Linux 6.6 Telco Extended Update Support, and Red Hat Enterprise Linux 6.7 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux HPC Node EUS (v. 6.7) - x86_64 Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7) - x86_64 Red Hat Enterprise Linux Server AUS (v. 6.2) - x86_64 Red Hat Enterprise Linux Server AUS (v. 6.4) - x86_64 Red Hat Enterprise Linux Server AUS (v. 6.5) - x86_64 Red Hat Enterprise Linux Server AUS (v. 6.6) - x86_64 Red Hat Enterprise Linux Server EUS (v. 6.7) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.4) - x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.5) - x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.6) - x86_64 Red Hat Enterprise Linux Server Optional EUS (v. 6.7) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional TUS (v. 6.5) - x86_64 Red Hat Enterprise Linux Server Optional TUS (v. 6.6) - x86_64 Red Hat Enterprise Linux Server TUS (v. 6.5) - x86_64 Red Hat Enterprise Linux Server TUS (v. 6.6) - x86_64
- Description:
The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.
Security Fix(es):
- A heap buffer overflow was found in dnsmasq in the code responsible for building DNS replies. (CVE-2017-14491)
Red Hat would like to thank Felix Wilhelm (Google Security Team), Fermin J. Serna (Google Security Team), Gabriel Campana (Google Security Team), Kevin Hamacher (Google Security Team), and Ron Bowes (Google Security Team) for reporting this issue.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1495409 - CVE-2017-14491 dnsmasq: heap overflow in the code responsible for building DNS replies
- Package List:
Red Hat Enterprise Linux HPC Node EUS (v. 6.7):
Source: dnsmasq-2.48-16.el6_7.1.src.rpm
x86_64: dnsmasq-2.48-16.el6_7.1.x86_64.rpm dnsmasq-debuginfo-2.48-16.el6_7.1.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7):
x86_64: dnsmasq-debuginfo-2.48-16.el6_7.1.x86_64.rpm dnsmasq-utils-2.48-16.el6_7.1.x86_64.rpm
Red Hat Enterprise Linux Server AUS (v. 6.2):
Source: dnsmasq-2.48-5.el6_2.2.src.rpm
x86_64: dnsmasq-2.48-5.el6_2.2.x86_64.rpm dnsmasq-debuginfo-2.48-5.el6_2.2.x86_64.rpm
Red Hat Enterprise Linux Server AUS (v. 6.4):
Source: dnsmasq-2.48-13.el6_4.1.src.rpm
x86_64: dnsmasq-2.48-13.el6_4.1.x86_64.rpm dnsmasq-debuginfo-2.48-13.el6_4.1.x86_64.rpm
Red Hat Enterprise Linux Server AUS (v. 6.5):
Source: dnsmasq-2.48-13.el6_5.1.src.rpm
x86_64: dnsmasq-2.48-13.el6_5.1.x86_64.rpm dnsmasq-debuginfo-2.48-13.el6_5.1.x86_64.rpm
Red Hat Enterprise Linux Server TUS (v. 6.5):
Source: dnsmasq-2.48-13.el6_5.1.src.rpm
x86_64: dnsmasq-2.48-13.el6_5.1.x86_64.rpm dnsmasq-debuginfo-2.48-13.el6_5.1.x86_64.rpm
Red Hat Enterprise Linux Server AUS (v. 6.6):
Source: dnsmasq-2.48-14.el6_6.1.src.rpm
x86_64: dnsmasq-2.48-14.el6_6.1.x86_64.rpm dnsmasq-debuginfo-2.48-14.el6_6.1.x86_64.rpm
Red Hat Enterprise Linux Server TUS (v. 6.6):
Source: dnsmasq-2.48-14.el6_6.1.src.rpm
x86_64: dnsmasq-2.48-14.el6_6.1.x86_64.rpm dnsmasq-debuginfo-2.48-14.el6_6.1.x86_64.rpm
Red Hat Enterprise Linux Server EUS (v. 6.7):
Source: dnsmasq-2.48-16.el6_7.1.src.rpm
i386: dnsmasq-2.48-16.el6_7.1.i686.rpm dnsmasq-debuginfo-2.48-16.el6_7.1.i686.rpm
ppc64: dnsmasq-2.48-16.el6_7.1.ppc64.rpm dnsmasq-debuginfo-2.48-16.el6_7.1.ppc64.rpm
s390x: dnsmasq-2.48-16.el6_7.1.s390x.rpm dnsmasq-debuginfo-2.48-16.el6_7.1.s390x.rpm
x86_64: dnsmasq-2.48-16.el6_7.1.x86_64.rpm dnsmasq-debuginfo-2.48-16.el6_7.1.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 6.4):
Source: dnsmasq-2.48-13.el6_4.1.src.rpm
x86_64: dnsmasq-debuginfo-2.48-13.el6_4.1.x86_64.rpm dnsmasq-utils-2.48-13.el6_4.1.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 6.5):
Source: dnsmasq-2.48-13.el6_5.1.src.rpm
x86_64: dnsmasq-debuginfo-2.48-13.el6_5.1.x86_64.rpm dnsmasq-utils-2.48-13.el6_5.1.x86_64.rpm
Red Hat Enterprise Linux Server Optional TUS (v. 6.5):
Source: dnsmasq-2.48-13.el6_5.1.src.rpm
x86_64: dnsmasq-debuginfo-2.48-13.el6_5.1.x86_64.rpm dnsmasq-utils-2.48-13.el6_5.1.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 6.6):
x86_64: dnsmasq-debuginfo-2.48-14.el6_6.1.x86_64.rpm dnsmasq-utils-2.48-14.el6_6.1.x86_64.rpm
Red Hat Enterprise Linux Server Optional TUS (v. 6.6):
x86_64: dnsmasq-debuginfo-2.48-14.el6_6.1.x86_64.rpm dnsmasq-utils-2.48-14.el6_6.1.x86_64.rpm
Red Hat Enterprise Linux Server Optional EUS (v. 6.7):
i386: dnsmasq-debuginfo-2.48-16.el6_7.1.i686.rpm dnsmasq-utils-2.48-16.el6_7.1.i686.rpm
ppc64: dnsmasq-debuginfo-2.48-16.el6_7.1.ppc64.rpm dnsmasq-utils-2.48-16.el6_7.1.ppc64.rpm
s390x: dnsmasq-debuginfo-2.48-16.el6_7.1.s390x.rpm dnsmasq-utils-2.48-16.el6_7.1.s390x.rpm
x86_64: dnsmasq-debuginfo-2.48-16.el6_7.1.x86_64.rpm dnsmasq-utils-2.48-16.el6_7.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2017-14491 https://access.redhat.com/security/updates/classification/#critical https://access.redhat.com/security/vulnerabilities/3199382
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFZ0nLUXlSAg2UNWIIRAn39AKDCsn16dEmmA7DazjU2IOpWLIFp8QCeODoG 7t7GGwkabW2pC2Wcr35n/G8= =S/6b -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201710-27
https://security.gentoo.org/
Severity: Normal Title: Dnsmasq: Multiple vulnerabilities Date: October 23, 2017 Bugs: #632692 ID: 201710-27
Synopsis
Multiple vulnerabilities have been found in Dnsmasq, the worst of which may allow remote attackers to execute arbitrary code.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-dns/dnsmasq < 2.78 >= 2.78
Description
Multiple vulnerabilities have been discovered in Dnsmasq.
Workaround
There is no known workaround at this time.
Resolution
All Dnsmasq users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-dns/dnsmasq-2.78"
References
[ 1 ] CVE-2017-14491 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14491 [ 2 ] CVE-2017-14492 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14492 [ 3 ] CVE-2017-14493 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14493 [ 4 ] CVE-2017-14494 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14494 [ 5 ] CVE-2017-14495 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14495 [ 6 ] CVE-2017-14496 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14496
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201710-27
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2017 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "diskstation manager",
"scope": "eq",
"trust": 1.0,
"vendor": "synology",
"version": "6.1"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"_id": null,
"model": "arubaos",
"scope": "lt",
"trust": 1.0,
"vendor": "arubanetworks",
"version": "8.1.0.4"
},
{
"_id": null,
"model": "arubaos",
"scope": "gte",
"trust": 1.0,
"vendor": "arubanetworks",
"version": "6.5.3.0"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "eos",
"scope": "lt",
"trust": 1.0,
"vendor": "arista",
"version": "4.17.8m"
},
{
"_id": null,
"model": "linux for tegra",
"scope": "lt",
"trust": 1.0,
"vendor": "nvidia",
"version": "r21.6"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "7.0"
},
{
"_id": null,
"model": "scalance m-800",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "5.0"
},
{
"_id": null,
"model": "arubaos",
"scope": "lt",
"trust": 1.0,
"vendor": "arubanetworks",
"version": "6.5.4.2"
},
{
"_id": null,
"model": "arubaos",
"scope": "gte",
"trust": 1.0,
"vendor": "arubanetworks",
"version": "6.5.4.0"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "42.2"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.04"
},
{
"_id": null,
"model": "eos",
"scope": "gte",
"trust": 1.0,
"vendor": "arista",
"version": "4.18"
},
{
"_id": null,
"model": "arubaos",
"scope": "lt",
"trust": 1.0,
"vendor": "arubanetworks",
"version": "6.3.1.25"
},
{
"_id": null,
"model": "eos",
"scope": "gte",
"trust": 1.0,
"vendor": "arista",
"version": "4.17"
},
{
"_id": null,
"model": "linux enterprise debuginfo",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "arubaos",
"scope": "lt",
"trust": 1.0,
"vendor": "arubanetworks",
"version": "6.5.1.9"
},
{
"_id": null,
"model": "eos",
"scope": "lte",
"trust": 1.0,
"vendor": "arista",
"version": "4.15"
},
{
"_id": null,
"model": "diskstation manager",
"scope": "eq",
"trust": 1.0,
"vendor": "synology",
"version": "6.0"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "17.04"
},
{
"_id": null,
"model": "eos",
"scope": "lte",
"trust": 1.0,
"vendor": "arista",
"version": "4.18.4.2f"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "arubaos",
"scope": "gte",
"trust": 1.0,
"vendor": "arubanetworks",
"version": "8.1.0.0"
},
{
"_id": null,
"model": "ruggedcom rm1224",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "5.0"
},
{
"_id": null,
"model": "arubaos",
"scope": "gte",
"trust": 1.0,
"vendor": "arubanetworks",
"version": "6.4.4.0"
},
{
"_id": null,
"model": "diskstation manager",
"scope": "eq",
"trust": 1.0,
"vendor": "synology",
"version": "5.2"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"_id": null,
"model": "geforce experience",
"scope": "lt",
"trust": 1.0,
"vendor": "nvidia",
"version": "3.10.0.55"
},
{
"_id": null,
"model": "router manager",
"scope": "eq",
"trust": 1.0,
"vendor": "synology",
"version": "1.1"
},
{
"_id": null,
"model": "honor v9 play",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "jimmy-al00ac00b135"
},
{
"_id": null,
"model": "dnsmasq",
"scope": "lte",
"trust": 1.0,
"vendor": "thekelleys",
"version": "2.77"
},
{
"_id": null,
"model": "arubaos",
"scope": "lt",
"trust": 1.0,
"vendor": "arubanetworks",
"version": "6.4.4.16"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "7.1"
},
{
"_id": null,
"model": "linux for tegra",
"scope": "lt",
"trust": 1.0,
"vendor": "nvidia",
"version": "r24.2.2"
},
{
"_id": null,
"model": "arubaos",
"scope": "gte",
"trust": 1.0,
"vendor": "arubanetworks",
"version": "6.3.1"
},
{
"_id": null,
"model": "geforce experience",
"scope": "gte",
"trust": 1.0,
"vendor": "nvidia",
"version": "3.0"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"_id": null,
"model": "arubaos",
"scope": "gte",
"trust": 1.0,
"vendor": "arubanetworks",
"version": "6.5.0.0"
},
{
"_id": null,
"model": "eos",
"scope": "gte",
"trust": 1.0,
"vendor": "arista",
"version": "4.16"
},
{
"_id": null,
"model": "scalance w1750d",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "6.5.1.5"
},
{
"_id": null,
"model": "scalance s615",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "5.0"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "eos",
"scope": "lt",
"trust": 1.0,
"vendor": "arista",
"version": "4.16.13m"
},
{
"_id": null,
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "42.3"
},
{
"_id": null,
"model": "arubaos",
"scope": "lt",
"trust": 1.0,
"vendor": "arubanetworks",
"version": "6.5.3.3"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "linux enterprise point of sale",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ruckus",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "technicolor",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dnsmasq",
"version": null
},
{
"_id": null,
"model": "ubuntu",
"scope": null,
"trust": 0.8,
"vendor": "canonical",
"version": null
},
{
"_id": null,
"model": "red hat enterprise linux server",
"scope": null,
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": null
},
{
"_id": null,
"model": "red hat enterprise linux workstation",
"scope": null,
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": null
},
{
"_id": null,
"model": "red hat enterprise linux desktop",
"scope": null,
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": null
},
{
"_id": null,
"model": "leap",
"scope": null,
"trust": 0.8,
"vendor": "opensuse",
"version": null
},
{
"_id": null,
"model": "gnu/linux",
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"_id": null,
"model": "dnsmasq",
"scope": null,
"trust": 0.8,
"vendor": "thekelleys",
"version": null
},
{
"_id": null,
"model": "dnsmasq",
"scope": "eq",
"trust": 0.6,
"vendor": "thekelleys",
"version": "2.77"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#973527"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-747"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008618"
},
{
"db": "NVD",
"id": "CVE-2017-14491"
}
]
},
"credits": {
"_id": null,
"data": "Gabriel Campana, Kevin Hamacher and Ron Bowes of the Google Security Team,Felix Wilhelm, Fermin J. Serna",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201709-747"
}
],
"trust": 0.6
},
"cve": "CVE-2017-14491",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2017-14491",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2017-14491",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-14491",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-14491",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2017-14491",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-201709-747",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2017-14491",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-14491"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-747"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008618"
},
{
"db": "NVD",
"id": "CVE-2017-14491"
}
]
},
"description": {
"_id": null,
"data": "Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response. Dnsmasq versions 2.77 and earlier contains multiple vulnerabilities. dnsmasq Exists in a buffer error vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. \n===========================================================================\nUbuntu Security Notice USN-3430-3\nJanuary 04, 2018\n\ndnsmasq regression\n===========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.04 ESM\n\nSummary:\n\nUSN-3430-2 introduced regression in Dnsmasq. \n\nSoftware Description:\n- dnsmasq: Small caching DNS proxy and DHCP/TFTP server\n\nDetails:\n\nUSN-3430-2 fixed several vulnerabilities. The update introduced a new\nregression that breaks DNS resolution. This update addresses the\nproblem. \n\nWe apologize for the inconvenience. \n\nOriginal advisory details:\n\nFelix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher\ndiscovered that Dnsmasq incorrectly handled DNS requests. \n(CVE-2017-14491)\n\nFelix Wilhelm, Fermin J. (CVE-2017-14492)\n\nFelix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher\ndiscovered that Dnsmasq incorrectly handled DHCPv6 requests. \n(CVE-2017-14493)\n\nFelix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher\ndiscovered that Dnsmasq incorrectly handled DHCPv6 packets. (CVE-2017-14494)\n\nFelix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher\ndiscovered that Dnsmasq incorrectly handled DNS requests. A remote\nattacker could use this issue to cause Dnsmasq to consume memory,\nresulting in a denial of service. (CVE-2017-14495)\n\nFelix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher\ndiscovered that Dnsmasq incorrectly handled DNS requests. (CVE-2017-14496)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 12.04 ESM:\n dnsmasq=C2=A02.59-4ubuntu0.4\n dnsmasq-base2.59-4ubuntu0.4\n dnsmasq-utils2.59-4ubuntu0.4\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. 7.3) - ppc64, ppc64le, s390x, x86_64\n\n3. This issue only affected\nconfigurations using one of these options: enable-ra, ra-only, slaac,\nra-names, ra-advrouter, or ra-stateless. (CVE-2017-14493)\n\n* An information leak was found in dnsmasq in the DHCPv6 relay code. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: dnsmasq security update\nAdvisory ID: RHSA-2017:2839-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2017:2839\nIssue date: 2017-10-02\nCVE Names: CVE-2017-14491 \n=====================================================================\n\n1. Summary:\n\nAn update for dnsmasq is now available for Red Hat Enterprise Linux 6.2\nAdvanced Update Support, Red Hat Enterprise Linux 6.4 Advanced Update\nSupport, Red Hat Enterprise Linux 6.5 Advanced Update Support, Red Hat\nEnterprise Linux 6.5 Telco Extended Update Support, Red Hat Enterprise\nLinux 6.6 Advanced Update Support, Red Hat Enterprise Linux 6.6 Telco\nExtended Update Support, and Red Hat Enterprise Linux 6.7 Extended Update\nSupport. \n\nRed Hat Product Security has rated this update as having a security impact\nof Critical. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux HPC Node EUS (v. 6.7) - x86_64\nRed Hat Enterprise Linux HPC Node Optional EUS (v. 6.7) - x86_64\nRed Hat Enterprise Linux Server AUS (v. 6.2) - x86_64\nRed Hat Enterprise Linux Server AUS (v. 6.4) - x86_64\nRed Hat Enterprise Linux Server AUS (v. 6.5) - x86_64\nRed Hat Enterprise Linux Server AUS (v. 6.6) - x86_64\nRed Hat Enterprise Linux Server EUS (v. 6.7) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 6.4) - x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 6.5) - x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 6.6) - x86_64\nRed Hat Enterprise Linux Server Optional EUS (v. 6.7) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional TUS (v. 6.5) - x86_64\nRed Hat Enterprise Linux Server Optional TUS (v. 6.6) - x86_64\nRed Hat Enterprise Linux Server TUS (v. 6.5) - x86_64\nRed Hat Enterprise Linux Server TUS (v. 6.6) - x86_64\n\n3. Description:\n\nThe dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name\nServer) forwarder and DHCP (Dynamic Host Configuration Protocol) server. \n\nSecurity Fix(es):\n\n* A heap buffer overflow was found in dnsmasq in the code responsible for\nbuilding DNS replies. \n(CVE-2017-14491)\n\nRed Hat would like to thank Felix Wilhelm (Google Security Team), Fermin J. \nSerna (Google Security Team), Gabriel Campana (Google Security Team), Kevin\nHamacher (Google Security Team), and Ron Bowes (Google Security Team) for\nreporting this issue. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1495409 - CVE-2017-14491 dnsmasq: heap overflow in the code responsible for building DNS replies\n\n6. Package List:\n\nRed Hat Enterprise Linux HPC Node EUS (v. 6.7):\n\nSource:\ndnsmasq-2.48-16.el6_7.1.src.rpm\n\nx86_64:\ndnsmasq-2.48-16.el6_7.1.x86_64.rpm\ndnsmasq-debuginfo-2.48-16.el6_7.1.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional EUS (v. 6.7):\n\nx86_64:\ndnsmasq-debuginfo-2.48-16.el6_7.1.x86_64.rpm\ndnsmasq-utils-2.48-16.el6_7.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server AUS (v. 6.2):\n\nSource:\ndnsmasq-2.48-5.el6_2.2.src.rpm\n\nx86_64:\ndnsmasq-2.48-5.el6_2.2.x86_64.rpm\ndnsmasq-debuginfo-2.48-5.el6_2.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server AUS (v. 6.4):\n\nSource:\ndnsmasq-2.48-13.el6_4.1.src.rpm\n\nx86_64:\ndnsmasq-2.48-13.el6_4.1.x86_64.rpm\ndnsmasq-debuginfo-2.48-13.el6_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server AUS (v. 6.5):\n\nSource:\ndnsmasq-2.48-13.el6_5.1.src.rpm\n\nx86_64:\ndnsmasq-2.48-13.el6_5.1.x86_64.rpm\ndnsmasq-debuginfo-2.48-13.el6_5.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server TUS (v. 6.5):\n\nSource:\ndnsmasq-2.48-13.el6_5.1.src.rpm\n\nx86_64:\ndnsmasq-2.48-13.el6_5.1.x86_64.rpm\ndnsmasq-debuginfo-2.48-13.el6_5.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server AUS (v. 6.6):\n\nSource:\ndnsmasq-2.48-14.el6_6.1.src.rpm\n\nx86_64:\ndnsmasq-2.48-14.el6_6.1.x86_64.rpm\ndnsmasq-debuginfo-2.48-14.el6_6.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server TUS (v. 6.6):\n\nSource:\ndnsmasq-2.48-14.el6_6.1.src.rpm\n\nx86_64:\ndnsmasq-2.48-14.el6_6.1.x86_64.rpm\ndnsmasq-debuginfo-2.48-14.el6_6.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server EUS (v. 6.7):\n\nSource:\ndnsmasq-2.48-16.el6_7.1.src.rpm\n\ni386:\ndnsmasq-2.48-16.el6_7.1.i686.rpm\ndnsmasq-debuginfo-2.48-16.el6_7.1.i686.rpm\n\nppc64:\ndnsmasq-2.48-16.el6_7.1.ppc64.rpm\ndnsmasq-debuginfo-2.48-16.el6_7.1.ppc64.rpm\n\ns390x:\ndnsmasq-2.48-16.el6_7.1.s390x.rpm\ndnsmasq-debuginfo-2.48-16.el6_7.1.s390x.rpm\n\nx86_64:\ndnsmasq-2.48-16.el6_7.1.x86_64.rpm\ndnsmasq-debuginfo-2.48-16.el6_7.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 6.4):\n\nSource:\ndnsmasq-2.48-13.el6_4.1.src.rpm\n\nx86_64:\ndnsmasq-debuginfo-2.48-13.el6_4.1.x86_64.rpm\ndnsmasq-utils-2.48-13.el6_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 6.5):\n\nSource:\ndnsmasq-2.48-13.el6_5.1.src.rpm\n\nx86_64:\ndnsmasq-debuginfo-2.48-13.el6_5.1.x86_64.rpm\ndnsmasq-utils-2.48-13.el6_5.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional TUS (v. 6.5):\n\nSource:\ndnsmasq-2.48-13.el6_5.1.src.rpm\n\nx86_64:\ndnsmasq-debuginfo-2.48-13.el6_5.1.x86_64.rpm\ndnsmasq-utils-2.48-13.el6_5.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 6.6):\n\nx86_64:\ndnsmasq-debuginfo-2.48-14.el6_6.1.x86_64.rpm\ndnsmasq-utils-2.48-14.el6_6.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional TUS (v. 6.6):\n\nx86_64:\ndnsmasq-debuginfo-2.48-14.el6_6.1.x86_64.rpm\ndnsmasq-utils-2.48-14.el6_6.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional EUS (v. 6.7):\n\ni386:\ndnsmasq-debuginfo-2.48-16.el6_7.1.i686.rpm\ndnsmasq-utils-2.48-16.el6_7.1.i686.rpm\n\nppc64:\ndnsmasq-debuginfo-2.48-16.el6_7.1.ppc64.rpm\ndnsmasq-utils-2.48-16.el6_7.1.ppc64.rpm\n\ns390x:\ndnsmasq-debuginfo-2.48-16.el6_7.1.s390x.rpm\ndnsmasq-utils-2.48-16.el6_7.1.s390x.rpm\n\nx86_64:\ndnsmasq-debuginfo-2.48-16.el6_7.1.x86_64.rpm\ndnsmasq-utils-2.48-16.el6_7.1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2017-14491\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://access.redhat.com/security/vulnerabilities/3199382\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2017 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFZ0nLUXlSAg2UNWIIRAn39AKDCsn16dEmmA7DazjU2IOpWLIFp8QCeODoG\n7t7GGwkabW2pC2Wcr35n/G8=\n=S/6b\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201710-27\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Dnsmasq: Multiple vulnerabilities\n Date: October 23, 2017\n Bugs: #632692\n ID: 201710-27\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Dnsmasq, the worst of which\nmay allow remote attackers to execute arbitrary code. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-dns/dnsmasq \u003c 2.78 \u003e= 2.78 \n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Dnsmasq. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Dnsmasq users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-dns/dnsmasq-2.78\"\n\nReferences\n==========\n\n[ 1 ] CVE-2017-14491\n https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14491\n[ 2 ] CVE-2017-14492\n https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14492\n[ 3 ] CVE-2017-14493\n https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14493\n[ 4 ] CVE-2017-14494\n https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14494\n[ 5 ] CVE-2017-14495\n https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14495\n[ 6 ] CVE-2017-14496\n https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14496\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201710-27\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2017 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-14491"
},
{
"db": "CERT/CC",
"id": "VU#973527"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008618"
},
{
"db": "VULMON",
"id": "CVE-2017-14491"
},
{
"db": "PACKETSTORM",
"id": "145652"
},
{
"db": "PACKETSTORM",
"id": "144474"
},
{
"db": "PACKETSTORM",
"id": "144477"
},
{
"db": "PACKETSTORM",
"id": "144469"
},
{
"db": "PACKETSTORM",
"id": "144481"
},
{
"db": "PACKETSTORM",
"id": "144482"
},
{
"db": "PACKETSTORM",
"id": "144706"
},
{
"db": "PACKETSTORM",
"id": "144472"
}
],
"trust": 3.15
},
"exploit_availability": {
"_id": null,
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=42941",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-14491"
}
]
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2017-14491",
"trust": 4.1
},
{
"db": "CERT/CC",
"id": "VU#973527",
"trust": 3.3
},
{
"db": "BID",
"id": "101085",
"trust": 1.7
},
{
"db": "BID",
"id": "101977",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039474",
"trust": 1.7
},
{
"db": "SIEMENS",
"id": "SSA-689071",
"trust": 1.7
},
{
"db": "PACKETSTORM",
"id": "144480",
"trust": 1.7
},
{
"db": "EXPLOIT-DB",
"id": "42941",
"trust": 1.7
},
{
"db": "ICS CERT",
"id": "ICSA-17-332-01",
"trust": 1.4
},
{
"db": "ICS CERT",
"id": "ICSA-24-074-07",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU93453933",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU93656033",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008618",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201709-747",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2017-14491",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145652",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144474",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144477",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144469",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144481",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144482",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144706",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144472",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#973527"
},
{
"db": "VULMON",
"id": "CVE-2017-14491"
},
{
"db": "PACKETSTORM",
"id": "145652"
},
{
"db": "PACKETSTORM",
"id": "144474"
},
{
"db": "PACKETSTORM",
"id": "144477"
},
{
"db": "PACKETSTORM",
"id": "144469"
},
{
"db": "PACKETSTORM",
"id": "144481"
},
{
"db": "PACKETSTORM",
"id": "144482"
},
{
"db": "PACKETSTORM",
"id": "144706"
},
{
"db": "PACKETSTORM",
"id": "144472"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-747"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008618"
},
{
"db": "NVD",
"id": "CVE-2017-14491"
}
]
},
"id": "VAR-201710-1433",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4630627775
},
"last_update_date": "2026-04-10T23:34:02.101000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Multiple\u00a0Critical\u00a0and\u00a0Important\u00a0vulnerabilities",
"trust": 0.8,
"url": "https://usn.ubuntu.com/usn/USN-3430-1/"
},
{
"title": "Dnsmasq Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92843"
},
{
"title": "Red Hat: Critical: dnsmasq security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20172838 - Security Advisory"
},
{
"title": "Red Hat: Critical: dnsmasq security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20172841 - Security Advisory"
},
{
"title": "Red Hat: Critical: dnsmasq security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20172840 - Security Advisory"
},
{
"title": "Red Hat: Critical: dnsmasq security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20172839 - Security Advisory"
},
{
"title": "Red Hat: Critical: dnsmasq security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20172837 - Security Advisory"
},
{
"title": "Red Hat: Critical: dnsmasq security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20172836 - Security Advisory"
},
{
"title": "Debian CVElist Bug Report Logs: dnsmasq: CVE-2017-13704: Size parameter overflow via large DNS query",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=fa8aad66cae5df51d49e1cdce2fe4a42"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2017-14491"
},
{
"title": "Ubuntu Security Notice: dnsmasq vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3430-2"
},
{
"title": "Ubuntu Security Notice: dnsmasq regression",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3430-3"
},
{
"title": "Ubuntu Security Notice: dnsmasq vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3430-1"
},
{
"title": "Debian Security Advisories: DSA-3989-1 dnsmasq -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=5c18698ecfe74c7de381531f8ed44dcf"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=7f490a104360d6f65bee18ec7bfa18a3"
},
{
"title": "Amazon Linux 2: ALAS2-2019-1251",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=ALAS2-2019-1251"
},
{
"title": "Arch Linux Advisories: [ASA-201710-1] dnsmasq: multiple issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-201710-1"
},
{
"title": "Amazon Linux AMI: ALAS-2017-907",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2017-907"
},
{
"title": "Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins\u0026qid=b1921e7bf61366a1d7f889a7cdefa932"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=6283337cd31f81f24d445925f2138c0e"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=7251d5e5f2b1771951980ad7cfde50ba"
},
{
"title": "Kubernetes setup on Amazon AWS using Kops and Ansible",
"trust": 0.1,
"url": "https://github.com/suhaad79/aws-k8s-kops-ansible "
},
{
"title": "Kubernetes setup on Amazon AWS using Kops and Ansible",
"trust": 0.1,
"url": "https://github.com/calvinkkd/aws-k8s-kkd-ansible "
},
{
"title": "Kubernetes setup on Amazon AWS using Kops and Ansible",
"trust": 0.1,
"url": "https://github.com/simonelle/aws-k8s-kops-ansible "
},
{
"title": "Kubernetes setup on Amazon AWS using Kops and Ansible",
"trust": 0.1,
"url": "https://github.com/scholzj/aws-k8s-kops-ansible "
},
{
"title": "Kubernetes setup on Amazon AWS using Kops and Ansible",
"trust": 0.1,
"url": "https://github.com/bisiman2/aws-k8s-kops-ansible "
},
{
"title": "Kubernetes setup on Amazon AWS using Kops and Ansible",
"trust": 0.1,
"url": "https://github.com/honey336/-aws-k8s-kops-ansible "
},
{
"title": "Kubernetes setup on Amazon AWS using Kops and Ansible -1\naws-k8s-kops-ansible\naws-k8s-kops-ansible\naws-k8s-kops-ansible\naws-k8s-kops-ansible",
"trust": 0.1,
"url": "https://github.com/Andreadote/aws-k8s-kops-ansible "
},
{
"title": "Kubernetes setup on Amazon AWS using Kops and Ansible",
"trust": 0.1,
"url": "https://github.com/RavitejaAdepudi/KopsCluster "
},
{
"title": "Kubernetes setup on Amazon AWS using Kops and Ansible",
"trust": 0.1,
"url": "https://github.com/lorerunner/devops_kubenerates_aws "
},
{
"title": "Kaosagnt\u0027s Ansible Everyday Utils",
"trust": 0.1,
"url": "https://github.com/kaosagnt/ansible-everyday "
},
{
"title": "Awesome CVE PoC",
"trust": 0.1,
"url": "https://github.com/xbl3/awesome-cve-poc_qazbnm456 "
},
{
"title": "Awesome CVE PoC",
"trust": 0.1,
"url": "https://github.com/lnick2023/nicenice "
},
{
"title": "Awesome CVE PoC",
"trust": 0.1,
"url": "https://github.com/qazbnm456/awesome-cve-poc "
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/google-warns-of-dos-and-rce-bugs-in-dnsmasq/128238/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-14491"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-747"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008618"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-787",
"trust": 1.0
},
{
"problemtype": "Buffer error (CWE-119) [NVD evaluation ]",
"trust": 0.8
},
{
"problemtype": " Heap-based buffer overflow (CWE-122) [IPA evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-008618"
},
{
"db": "NVD",
"id": "CVE-2017-14491"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 3.2,
"url": "https://www.kb.cert.org/vuls/id/973527"
},
{
"trust": 2.9,
"url": "http://www.securityfocus.com/bid/101085"
},
{
"trust": 2.8,
"url": "https://www.debian.org/security/2017/dsa-3989"
},
{
"trust": 2.5,
"url": "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html"
},
{
"trust": 2.2,
"url": "https://access.redhat.com/security/vulnerabilities/3199382"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2017:2838"
},
{
"trust": 1.9,
"url": "http://www.ubuntu.com/usn/usn-3430-1"
},
{
"trust": 1.8,
"url": "https://www.exploit-db.com/exploits/42941/"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2017:2841"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2017:2840"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2017:2839"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2017:2837"
},
{
"trust": 1.8,
"url": "https://security.gentoo.org/glsa/201710-27"
},
{
"trust": 1.8,
"url": "http://www.ubuntu.com/usn/usn-3430-3"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039474"
},
{
"trust": 1.7,
"url": "http://thekelleys.org.uk/dnsmasq/changelog"
},
{
"trust": 1.7,
"url": "https://access.redhat.com/errata/rhsa-2017:2836"
},
{
"trust": 1.7,
"url": "http://www.ubuntu.com/usn/usn-3430-2"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html"
},
{
"trust": 1.7,
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/101977"
},
{
"trust": 1.7,
"url": "https://www.synology.com/support/security/synology_sa_17_59_dnsmasq"
},
{
"trust": 1.7,
"url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-005.txt"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf"
},
{
"trust": 1.7,
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4560"
},
{
"trust": 1.7,
"url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449/"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00005.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00004.html"
},
{
"trust": 1.7,
"url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-449"
},
{
"trust": 1.7,
"url": "http://packetstormsecurity.com/files/144480/dnsmasq-2-byte-heap-based-overflow.html"
},
{
"trust": 1.7,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171103-01-dnsmasq-en"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00003.html"
},
{
"trust": 1.7,
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/3577-security-advisory-30"
},
{
"trust": 1.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-14491"
},
{
"trust": 1.4,
"url": "http://www.thekelleys.org.uk/dnsmasq/doc.html"
},
{
"trust": 1.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-332-01"
},
{
"trust": 1.1,
"url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3ba=commit%3bh=0549c73b7ea6b22a3c49beb4d432f185a81efcbc"
},
{
"trust": 1.1,
"url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html"
},
{
"trust": 1.1,
"url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5mmpcjoyppl4b5rby4u425pwg7eetdtd/"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/yxrz2w6tv6nlujc5nofbsg6pzsmdtypv/"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/527knn34rn2sb6mbjg7cksebwye3tjeb/"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/security/cve/cve-2017-14491"
},
{
"trust": 0.8,
"url": "https://www.ruckuswireless.com/security"
},
{
"trust": 0.8,
"url": "https://www.zyxel.com/support/announcement_dnsmasq_vulnerabilities.shtml"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu93453933/index.html"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu93656033/index.html"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-07"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/cve/cve-2017-14493"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/cve/cve-2017-14494"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/cve/cve-2017-14492"
},
{
"trust": 0.6,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5mmpcjoyppl4b5rby4u425pwg7eetdtd/"
},
{
"trust": 0.6,
"url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14496.py"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2017-14496"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2017-14495"
},
{
"trust": 0.6,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495409bug1495409"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2017-13704"
},
{
"trust": 0.6,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495510"
},
{
"trust": 0.6,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495416"
},
{
"trust": 0.6,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495415"
},
{
"trust": 0.6,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495412"
},
{
"trust": 0.6,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495411"
},
{
"trust": 0.6,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495410"
},
{
"trust": 0.6,
"url": "https://source.android.com/security/bulletin/2017-10-01"
},
{
"trust": 0.6,
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2017\u0026m=slackware-security.601472"
},
{
"trust": 0.6,
"url": "https://github.com/kubernetes/kubernetes/blob/master/changelog.md"
},
{
"trust": 0.6,
"url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14495.py"
},
{
"trust": 0.6,
"url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14494.py"
},
{
"trust": 0.6,
"url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14493.py"
},
{
"trust": 0.6,
"url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14492.py"
},
{
"trust": 0.6,
"url": "https://github.com/google/security-research-pocs/blob/master/vulnerabilities/dnsmasq/cve-2017-14491.py"
},
{
"trust": 0.6,
"url": "http://www.thekelleys.org.uk/dnsmasq/changelog"
},
{
"trust": 0.6,
"url": "https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11665.html"
},
{
"trust": 0.6,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/527knn34rn2sb6mbjg7cksebwye3tjeb/"
},
{
"trust": 0.6,
"url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=0549c73b7ea6b22a3c49beb4d432f185a81efcbc"
},
{
"trust": 0.6,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/yxrz2w6tv6nlujc5nofbsg6pzsmdtypv/"
},
{
"trust": 0.6,
"url": "https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11664.html"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-17-332-01"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.5,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-14494"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-14492"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-14493"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-14496"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-14495"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://github.com/suhaad79/aws-k8s-kops-ansible"
},
{
"trust": 0.1,
"url": "https://github.com/scholzj/aws-k8s-kops-ansible"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://launchpad.net/bugs/1741262"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/dnsmasq/2.76-5ubuntu0.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/dnsmasq/2.75-1ubuntu0.16.04.3"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/dnsmasq/2.68-1ubuntu0.2"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14495"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14493"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14492"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14491"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14496"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-14494"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#973527"
},
{
"db": "VULMON",
"id": "CVE-2017-14491"
},
{
"db": "PACKETSTORM",
"id": "145652"
},
{
"db": "PACKETSTORM",
"id": "144474"
},
{
"db": "PACKETSTORM",
"id": "144477"
},
{
"db": "PACKETSTORM",
"id": "144469"
},
{
"db": "PACKETSTORM",
"id": "144481"
},
{
"db": "PACKETSTORM",
"id": "144482"
},
{
"db": "PACKETSTORM",
"id": "144706"
},
{
"db": "PACKETSTORM",
"id": "144472"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-747"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008618"
},
{
"db": "NVD",
"id": "CVE-2017-14491"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CERT/CC",
"id": "VU#973527",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2017-14491",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "145652",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "144474",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "144477",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "144469",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "144481",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "144482",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "144706",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "144472",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201709-747",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008618",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2017-14491",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2017-10-02T00:00:00",
"db": "CERT/CC",
"id": "VU#973527",
"ident": null
},
{
"date": "2017-10-04T00:00:00",
"db": "VULMON",
"id": "CVE-2017-14491",
"ident": null
},
{
"date": "2018-01-04T17:50:40",
"db": "PACKETSTORM",
"id": "145652",
"ident": null
},
{
"date": "2017-10-02T08:55:00",
"db": "PACKETSTORM",
"id": "144474",
"ident": null
},
{
"date": "2017-10-02T11:11:00",
"db": "PACKETSTORM",
"id": "144477",
"ident": null
},
{
"date": "2017-10-02T13:13:00",
"db": "PACKETSTORM",
"id": "144469",
"ident": null
},
{
"date": "2017-10-03T05:18:12",
"db": "PACKETSTORM",
"id": "144481",
"ident": null
},
{
"date": "2017-10-03T05:18:27",
"db": "PACKETSTORM",
"id": "144482",
"ident": null
},
{
"date": "2017-10-23T13:54:05",
"db": "PACKETSTORM",
"id": "144706",
"ident": null
},
{
"date": "2017-10-02T08:33:00",
"db": "PACKETSTORM",
"id": "144472",
"ident": null
},
{
"date": "2017-09-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201709-747",
"ident": null
},
{
"date": "2017-10-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-008618",
"ident": null
},
{
"date": "2017-10-04T01:29:02.870000",
"db": "NVD",
"id": "CVE-2017-14491",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2018-02-02T00:00:00",
"db": "CERT/CC",
"id": "VU#973527",
"ident": null
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2017-14491",
"ident": null
},
{
"date": "2022-04-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201709-747",
"ident": null
},
{
"date": "2024-03-22T07:54:00",
"db": "JVNDB",
"id": "JVNDB-2017-008618",
"ident": null
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-14491",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "145652"
},
{
"db": "PACKETSTORM",
"id": "144469"
},
{
"db": "PACKETSTORM",
"id": "144706"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-747"
}
],
"trust": 0.9
},
"title": {
"_id": null,
"data": "Dnsmasq contains multiple vulnerabilities",
"sources": [
{
"db": "CERT/CC",
"id": "VU#973527"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201709-747"
}
],
"trust": 0.6
}
}
VAR-201506-0038
Vulnerability from variot - Updated: 2026-04-10 23:32Heap-based buffer overflow in the PCNET controller in QEMU allows remote attackers to execute arbitrary code by sending a packet with TXSTATUS_STARTPACKET set and then a crafted packet with TXSTATUS_DEVICEOWNS set. Xen is a virtualization technology for the Linux kernel that allows multiple operating systems to run simultaneously. QEMU (also known as Quick Emulator) is a set of analog processor software developed by French programmer Fabrice Bellard. The software has the characteristics of fast speed and cross-platform. 5 client) - x86_64 RHEL Virtualization (v. 5 server) - x86_64
- Note: The procedure in the Solution section must be performed before this update will take effect.
2) Either reboot the hypervisor machine or, as the root user, remove (using "modprobe -r [module]") and reload (using "modprobe [module]") all of the following modules which are currently running (determined using "lsmod"): kvm, ksm, kvm-intel or kvm-amd. 5 client):
Source: kvm-83-273.el5_11.src.rpm
x86_64: kmod-kvm-83-273.el5_11.x86_64.rpm kmod-kvm-debug-83-273.el5_11.x86_64.rpm kvm-83-273.el5_11.x86_64.rpm kvm-debuginfo-83-273.el5_11.x86_64.rpm kvm-qemu-img-83-273.el5_11.x86_64.rpm kvm-tools-83-273.el5_11.x86_64.rpm
RHEL Virtualization (v. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: qemu-kvm security update Advisory ID: RHSA-2015:1087-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-1087.html Issue date: 2015-06-10 CVE Names: CVE-2015-3209 =====================================================================
- Summary:
Updated qemu-kvm packages that fix one security issue are now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
- Description:
KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM.
A flaw was found in the way QEMU's AMD PCnet Ethernet emulation handled multi-TMD packets with a length above 4096 bytes. (CVE-2015-3209)
Red Hat would like to thank Matt Tait of Google's Project Zero security team for reporting this issue.
All qemu-kvm users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1225882 - CVE-2015-3209 qemu: pcnet: multi-tmd buffer overflow in the tx path
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: qemu-kvm-0.12.1.2-2.448.el6_6.4.src.rpm
i386: qemu-guest-agent-0.12.1.2-2.448.el6_6.4.i686.rpm qemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.4.i686.rpm
x86_64: qemu-guest-agent-0.12.1.2-2.448.el6_6.4.x86_64.rpm qemu-img-0.12.1.2-2.448.el6_6.4.x86_64.rpm qemu-kvm-0.12.1.2-2.448.el6_6.4.x86_64.rpm qemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.4.x86_64.rpm qemu-kvm-tools-0.12.1.2-2.448.el6_6.4.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: qemu-kvm-0.12.1.2-2.448.el6_6.4.src.rpm
x86_64: qemu-guest-agent-0.12.1.2-2.448.el6_6.4.x86_64.rpm qemu-img-0.12.1.2-2.448.el6_6.4.x86_64.rpm qemu-kvm-0.12.1.2-2.448.el6_6.4.x86_64.rpm qemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.4.x86_64.rpm qemu-kvm-tools-0.12.1.2-2.448.el6_6.4.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: qemu-kvm-0.12.1.2-2.448.el6_6.4.src.rpm
i386: qemu-guest-agent-0.12.1.2-2.448.el6_6.4.i686.rpm qemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.4.i686.rpm
x86_64: qemu-guest-agent-0.12.1.2-2.448.el6_6.4.x86_64.rpm qemu-img-0.12.1.2-2.448.el6_6.4.x86_64.rpm qemu-kvm-0.12.1.2-2.448.el6_6.4.x86_64.rpm qemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.4.x86_64.rpm qemu-kvm-tools-0.12.1.2-2.448.el6_6.4.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: qemu-kvm-0.12.1.2-2.448.el6_6.4.src.rpm
i386: qemu-guest-agent-0.12.1.2-2.448.el6_6.4.i686.rpm qemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.4.i686.rpm
x86_64: qemu-guest-agent-0.12.1.2-2.448.el6_6.4.x86_64.rpm qemu-img-0.12.1.2-2.448.el6_6.4.x86_64.rpm qemu-kvm-0.12.1.2-2.448.el6_6.4.x86_64.rpm qemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.4.x86_64.rpm qemu-kvm-tools-0.12.1.2-2.448.el6_6.4.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2015-3209 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFVeHRmXlSAg2UNWIIRAkq5AKCeYGr9MG7Kdic1FVJZw2avAhO6eACdFG0W VCkW3jIuuaxOqeYM0s8u6ss= =+WsT -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
CVE-2015-4037
Kurt Seifried of Red Hat Product Security discovered that QEMU's
user mode networking stack uses predictable temporary file names
when the -smb option is used.
CVE-2015-4163
Jan Beulich discovered that a missing version check in the
GNTTABOP_swap_grant_ref hypercall handler may result in denial of service.
This only applies to Debian stable/jessie.
CVE-2015-4164
Andrew Cooper discovered a vulnerability in the iret hypercall handler,
which may result in denial of service.
For the oldstable distribution (wheezy), these problems have been fixed in version 4.1.4-3+deb7u8.
For the stable distribution (jessie), these problems have been fixed in version 4.4.1-9+deb8u1. CVE-2015-3209, CVE-2015-4103, CVE-2015-4104, CVE-2015-4105 and CVE-2015-4106 don't affect the Xen package in stable jessie, it uses the standard qemu package and has already been fixed in DSA-3284-1.
For the unstable distribution (sid), these problems will be fixed soon.
We recommend that you upgrade your xen packages. From: Yury German blueknight@gentoo.org To: gentoo-announce@lists.gentoo.org Message-ID: 57035F2D.8090108@gentoo.org Subject: [ GLSA 201604-03 ] Xen: Multiple vulnerabilities
Gentoo Linux Security Advisory GLSA 201604-03
https://security.gentoo.org/
Severity: Normal Title: Xen: Multiple vulnerabilities Date: April 05, 2016 Bugs: #445254, #513832, #547202, #549200, #549950, #550658, #553664, #553718, #555532, #556304, #561110, #564472, #564932, #566798, #566838, #566842, #567962, #571552, #571556, #574012 ID: 201604-03
Synopsis
Multiple vulnerabilities have been found in Xen, the worst of which cause a Denial of Service.
Background
Xen is a bare-metal hypervisor.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-emulation/xen < 4.6.0-r9 >= 4.6.0-r9 >= 4.5.2-r5 2 app-emulation/xen-pvgrub < 4.6.0 Vulnerable! 3 app-emulation/xen-tools < 4.6.0-r9 >= 4.6.0-r9 >= 4.5.2-r5 4 app-emulation/pvgrub >= 4.6.0 *>= 4.5.2 ------------------------------------------------------------------- NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers. ------------------------------------------------------------------- 4 affected packages
Description
Multiple vulnerabilities have been discovered in Xen. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Xen 4.5 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-emulation/xen-4.5.2-r5"
All Xen 4.6 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-emulation/xen-4.6.0-r9"
All Xen tools 4.5 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=app-emulation/xen-tools-4.5.2-r5"
All Xen tools 4.6 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=app-emulation/xen-tools-4.6.0-r9"
All Xen pvgrub users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-emulation/xen-pvgrub-4.6.0"=
References
[ 1 ] CVE-2012-3494 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3494 [ 2 ] CVE-2012-3495 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3495 [ 3 ] CVE-2012-3496 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3496 [ 4 ] CVE-2012-3497 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3497 [ 5 ] CVE-2012-3498 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3498 [ 6 ] CVE-2012-3515 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3515 [ 7 ] CVE-2012-4411 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4411 [ 8 ] CVE-2012-4535 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4535 [ 9 ] CVE-2012-4536 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4536 [ 10 ] CVE-2012-4537 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4537 [ 11 ] CVE-2012-4538 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4538 [ 12 ] CVE-2012-4539 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4539 [ 13 ] CVE-2012-6030 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6030 [ 14 ] CVE-2012-6031 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6031 [ 15 ] CVE-2012-6032 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6032 [ 16 ] CVE-2012-6033 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6033 [ 17 ] CVE-2012-6034 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6034 [ 18 ] CVE-2012-6035 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6035 [ 19 ] CVE-2012-6036 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6036 [ 20 ] CVE-2015-2151 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2151 [ 21 ] CVE-2015-3209 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3209 [ 22 ] CVE-2015-3259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3259 [ 23 ] CVE-2015-3340 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3340 [ 24 ] CVE-2015-3456 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3456 [ 25 ] CVE-2015-4103 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4103 [ 26 ] CVE-2015-4104 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4104 [ 27 ] CVE-2015-4105 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4105 [ 28 ] CVE-2015-4106 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4106 [ 29 ] CVE-2015-4163 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4163 [ 30 ] CVE-2015-4164 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4164 [ 31 ] CVE-2015-5154 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5154 [ 32 ] CVE-2015-7311 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7311 [ 33 ] CVE-2015-7504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7504 [ 34 ] CVE-2015-7812 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7812 [ 35 ] CVE-2015-7813 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7813 [ 36 ] CVE-2015-7814 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7814 [ 37 ] CVE-2015-7835 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7835 [ 38 ] CVE-2015-7871 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7871 [ 39 ] CVE-2015-7969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7969 [ 40 ] CVE-2015-7970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7970 [ 41 ] CVE-2015-7971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7971 [ 42 ] CVE-2015-7972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7972 [ 43 ] CVE-2015-8339 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8339 [ 44 ] CVE-2015-8340 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8340 [ 45 ] CVE-2015-8341 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8341 [ 46 ] CVE-2015-8550 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8550 [ 47 ] CVE-2015-8551 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8551 [ 48 ] CVE-2015-8552 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8552 [ 49 ] CVE-2015-8554 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8554 [ 50 ] CVE-2015-8555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8555 [ 51 ] CVE-2016-2270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2270 [ 52 ] CVE-2016-2271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2271
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201604-03
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
--roWGDR0oQEDLX1s6lNAQV7ISgI2Pjo8Pc . ============================================================================ Ubuntu Security Notice USN-2630-1 June 10, 2015
qemu, qemu-kvm vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 15.04
- Ubuntu 14.10
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in QEMU.
Software Description: - qemu: Machine emulator and virtualizer - qemu-kvm: Machine emulator and virtualizer
Details:
Matt Tait discovered that QEMU incorrectly handled the virtual PCNET driver. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. (CVE-2015-3209)
Kurt Seifried discovered that QEMU incorrectly handled certain temporary files. A local attacker could use this issue to cause a denial of service. (CVE-2015-4037)
Jan Beulich discovered that the QEMU Xen code incorrectly restricted write access to the host MSI message data field. A malicious guest could use this issue to cause a denial of service. This issue only applied to Ubuntu 14.04 LTS, Ubuntu 14.10 and Ubuntu 15.04. (CVE-2015-4103)
Jan Beulich discovered that the QEMU Xen code incorrectly restricted access to the PCI MSI mask bits. A malicious guest could use this issue to cause a denial of service. This issue only applied to Ubuntu 14.04 LTS, Ubuntu 14.10 and Ubuntu 15.04. (CVE-2015-4104)
Jan Beulich discovered that the QEMU Xen code incorrectly handled MSI-X error messages. A malicious guest could use this issue to cause a denial of service. This issue only applied to Ubuntu 14.04 LTS, Ubuntu 14.10 and Ubuntu 15.04. (CVE-2015-4105)
Jan Beulich discovered that the QEMU Xen code incorrectly restricted write access to the PCI config space. A malicious guest could use this issue to cause a denial of service, obtain sensitive information, or possibly execute arbitrary code. This issue only applied to Ubuntu 14.04 LTS, Ubuntu 14.10 and Ubuntu 15.04. (CVE-2015-4106)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 15.04: qemu-system 1:2.2+dfsg-5expubuntu9.2 qemu-system-aarch64 1:2.2+dfsg-5expubuntu9.2 qemu-system-arm 1:2.2+dfsg-5expubuntu9.2 qemu-system-mips 1:2.2+dfsg-5expubuntu9.2 qemu-system-misc 1:2.2+dfsg-5expubuntu9.2 qemu-system-ppc 1:2.2+dfsg-5expubuntu9.2 qemu-system-sparc 1:2.2+dfsg-5expubuntu9.2 qemu-system-x86 1:2.2+dfsg-5expubuntu9.2
Ubuntu 14.10: qemu-system 2.1+dfsg-4ubuntu6.7 qemu-system-aarch64 2.1+dfsg-4ubuntu6.7 qemu-system-arm 2.1+dfsg-4ubuntu6.7 qemu-system-mips 2.1+dfsg-4ubuntu6.7 qemu-system-misc 2.1+dfsg-4ubuntu6.7 qemu-system-ppc 2.1+dfsg-4ubuntu6.7 qemu-system-sparc 2.1+dfsg-4ubuntu6.7 qemu-system-x86 2.1+dfsg-4ubuntu6.7
Ubuntu 14.04 LTS: qemu-system 2.0.0+dfsg-2ubuntu1.13 qemu-system-aarch64 2.0.0+dfsg-2ubuntu1.13 qemu-system-arm 2.0.0+dfsg-2ubuntu1.13 qemu-system-mips 2.0.0+dfsg-2ubuntu1.13 qemu-system-misc 2.0.0+dfsg-2ubuntu1.13 qemu-system-ppc 2.0.0+dfsg-2ubuntu1.13 qemu-system-sparc 2.0.0+dfsg-2ubuntu1.13 qemu-system-x86 2.0.0+dfsg-2ubuntu1.13
Ubuntu 12.04 LTS: qemu-kvm 1.0+noroms-0ubuntu14.23
After a standard system update you need to restart all QEMU virtual machines to make all the necessary changes.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "eos",
"scope": "eq",
"trust": 1.0,
"vendor": "arista",
"version": "4.15"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.10"
},
{
"_id": null,
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "22"
},
{
"_id": null,
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.6"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "7.0"
},
{
"_id": null,
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.6"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.0"
},
{
"_id": null,
"model": "eos",
"scope": "eq",
"trust": 1.0,
"vendor": "arista",
"version": "4.12"
},
{
"_id": null,
"model": "eos",
"scope": "eq",
"trust": 1.0,
"vendor": "arista",
"version": "4.13"
},
{
"_id": null,
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.6"
},
{
"_id": null,
"model": "virtualization",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "3.0"
},
{
"_id": null,
"model": "junos space",
"scope": "lte",
"trust": 1.0,
"vendor": "juniper",
"version": "15.1"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "15.04"
},
{
"_id": null,
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "21"
},
{
"_id": null,
"model": "linux enterprise software development kit",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "eos",
"scope": "eq",
"trust": 1.0,
"vendor": "arista",
"version": "4.14"
},
{
"_id": null,
"model": "qemu",
"scope": "lte",
"trust": 1.0,
"vendor": "qemu",
"version": "2.3.1"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.04"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"_id": null,
"model": "linux enterprise software development kit",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"_id": null,
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "20"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "openstack",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.0"
},
{
"_id": null,
"model": "linux enterprise debuginfo",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.0"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"_id": null,
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"_id": null,
"model": "xen",
"scope": "eq",
"trust": 0.6,
"vendor": "xensource",
"version": "4.2.x"
},
{
"_id": null,
"model": "xen",
"scope": "eq",
"trust": 0.6,
"vendor": "xensource",
"version": "4.3.x"
},
{
"_id": null,
"model": "xen",
"scope": "eq",
"trust": 0.6,
"vendor": "xensource",
"version": "4.4.x"
},
{
"_id": null,
"model": "junos space",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "15.1"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03820"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-282"
},
{
"db": "NVD",
"id": "CVE-2015-3209"
}
]
},
"credits": {
"_id": null,
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "132447"
},
{
"db": "PACKETSTORM",
"id": "132242"
}
],
"trust": 0.2
},
"cve": "CVE-2015-3209",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2015-3209",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2015-03820",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-81170",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-3209",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2015-03820",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201506-282",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-81170",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03820"
},
{
"db": "VULHUB",
"id": "VHN-81170"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-282"
},
{
"db": "NVD",
"id": "CVE-2015-3209"
}
]
},
"description": {
"_id": null,
"data": "Heap-based buffer overflow in the PCNET controller in QEMU allows remote attackers to execute arbitrary code by sending a packet with TXSTATUS_STARTPACKET set and then a crafted packet with TXSTATUS_DEVICEOWNS set. Xen is a virtualization technology for the Linux kernel that allows multiple operating systems to run simultaneously. QEMU (also known as Quick Emulator) is a set of analog processor software developed by French programmer Fabrice Bellard. The software has the characteristics of fast speed and cross-platform. 5 client) - x86_64\nRHEL Virtualization (v. 5 server) - x86_64\n\n3. Note: The procedure in\nthe Solution section must be performed before this update will take effect. \n\n2) Either reboot the hypervisor machine or, as the root user, remove (using\n\"modprobe -r [module]\") and reload (using \"modprobe [module]\") all of the\nfollowing modules which are currently running (determined using \"lsmod\"):\nkvm, ksm, kvm-intel or kvm-amd. 5 client):\n\nSource:\nkvm-83-273.el5_11.src.rpm\n\nx86_64:\nkmod-kvm-83-273.el5_11.x86_64.rpm\nkmod-kvm-debug-83-273.el5_11.x86_64.rpm\nkvm-83-273.el5_11.x86_64.rpm\nkvm-debuginfo-83-273.el5_11.x86_64.rpm\nkvm-qemu-img-83-273.el5_11.x86_64.rpm\nkvm-tools-83-273.el5_11.x86_64.rpm\n\nRHEL Virtualization (v. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: qemu-kvm security update\nAdvisory ID: RHSA-2015:1087-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2015-1087.html\nIssue date: 2015-06-10\nCVE Names: CVE-2015-3209 \n=====================================================================\n\n1. Summary:\n\nUpdated qemu-kvm packages that fix one security issue are now available for\nRed Hat Enterprise Linux 6. \n\nRed Hat Product Security has rated this update as having Important security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\n\n3. Description:\n\nKVM (Kernel-based Virtual Machine) is a full virtualization solution for\nLinux on AMD64 and Intel 64 systems. The qemu-kvm package provides the\nuser-space component for running virtual machines using KVM. \n\nA flaw was found in the way QEMU\u0027s AMD PCnet Ethernet emulation handled\nmulti-TMD packets with a length above 4096 bytes. (CVE-2015-3209)\n\nRed Hat would like to thank Matt Tait of Google\u0027s Project Zero security\nteam for reporting this issue. \n\nAll qemu-kvm users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing this\nupdate, shut down all running virtual machines. Once all virtual machines\nhave shut down, start them again for this update to take effect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1225882 - CVE-2015-3209 qemu: pcnet: multi-tmd buffer overflow in the tx path\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nqemu-kvm-0.12.1.2-2.448.el6_6.4.src.rpm\n\ni386:\nqemu-guest-agent-0.12.1.2-2.448.el6_6.4.i686.rpm\nqemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.4.i686.rpm\n\nx86_64:\nqemu-guest-agent-0.12.1.2-2.448.el6_6.4.x86_64.rpm\nqemu-img-0.12.1.2-2.448.el6_6.4.x86_64.rpm\nqemu-kvm-0.12.1.2-2.448.el6_6.4.x86_64.rpm\nqemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.4.x86_64.rpm\nqemu-kvm-tools-0.12.1.2-2.448.el6_6.4.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nqemu-kvm-0.12.1.2-2.448.el6_6.4.src.rpm\n\nx86_64:\nqemu-guest-agent-0.12.1.2-2.448.el6_6.4.x86_64.rpm\nqemu-img-0.12.1.2-2.448.el6_6.4.x86_64.rpm\nqemu-kvm-0.12.1.2-2.448.el6_6.4.x86_64.rpm\nqemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.4.x86_64.rpm\nqemu-kvm-tools-0.12.1.2-2.448.el6_6.4.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nqemu-kvm-0.12.1.2-2.448.el6_6.4.src.rpm\n\ni386:\nqemu-guest-agent-0.12.1.2-2.448.el6_6.4.i686.rpm\nqemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.4.i686.rpm\n\nx86_64:\nqemu-guest-agent-0.12.1.2-2.448.el6_6.4.x86_64.rpm\nqemu-img-0.12.1.2-2.448.el6_6.4.x86_64.rpm\nqemu-kvm-0.12.1.2-2.448.el6_6.4.x86_64.rpm\nqemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.4.x86_64.rpm\nqemu-kvm-tools-0.12.1.2-2.448.el6_6.4.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nqemu-kvm-0.12.1.2-2.448.el6_6.4.src.rpm\n\ni386:\nqemu-guest-agent-0.12.1.2-2.448.el6_6.4.i686.rpm\nqemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.4.i686.rpm\n\nx86_64:\nqemu-guest-agent-0.12.1.2-2.448.el6_6.4.x86_64.rpm\nqemu-img-0.12.1.2-2.448.el6_6.4.x86_64.rpm\nqemu-kvm-0.12.1.2-2.448.el6_6.4.x86_64.rpm\nqemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.4.x86_64.rpm\nqemu-kvm-tools-0.12.1.2-2.448.el6_6.4.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2015-3209\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2015 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFVeHRmXlSAg2UNWIIRAkq5AKCeYGr9MG7Kdic1FVJZw2avAhO6eACdFG0W\nVCkW3jIuuaxOqeYM0s8u6ss=\n=+WsT\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nCVE-2015-4037\n\n Kurt Seifried of Red Hat Product Security discovered that QEMU\u0027s\n user mode networking stack uses predictable temporary file names\n when the -smb option is used. \n\nCVE-2015-4163\n\n Jan Beulich discovered that a missing version check in the\n GNTTABOP_swap_grant_ref hypercall handler may result in denial of service. \n This only applies to Debian stable/jessie. \n\nCVE-2015-4164\n\n Andrew Cooper discovered a vulnerability in the iret hypercall handler,\n which may result in denial of service. \n\nFor the oldstable distribution (wheezy), these problems have been fixed\nin version 4.1.4-3+deb7u8. \n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 4.4.1-9+deb8u1. CVE-2015-3209, CVE-2015-4103, CVE-2015-4104,\nCVE-2015-4105 and CVE-2015-4106 don\u0027t affect the Xen package in stable\njessie, it uses the standard qemu package and has already been fixed in\nDSA-3284-1. \n\nFor the unstable distribution (sid), these problems will be fixed soon. \n\nWe recommend that you upgrade your xen packages. From: Yury German \u003cblueknight@gentoo.org\u003e\nTo: gentoo-announce@lists.gentoo.org\nMessage-ID: \u003c57035F2D.8090108@gentoo.org\u003e\nSubject: [ GLSA 201604-03 ] Xen: Multiple vulnerabilities\n\n\n\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201604-03\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Xen: Multiple vulnerabilities\n Date: April 05, 2016\n Bugs: #445254, #513832, #547202, #549200, #549950, #550658,\n #553664, #553718, #555532, #556304, #561110, #564472,\n #564932, #566798, #566838, #566842, #567962, #571552,\n #571556, #574012\n ID: 201604-03\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Xen, the worst of which\ncause a Denial of Service. \n\nBackground\n==========\n\nXen is a bare-metal hypervisor. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-emulation/xen \u003c 4.6.0-r9 \u003e= 4.6.0-r9\n *\u003e= 4.5.2-r5\n 2 app-emulation/xen-pvgrub\n \u003c 4.6.0 Vulnerable!\n 3 app-emulation/xen-tools \u003c 4.6.0-r9 \u003e= 4.6.0-r9\n *\u003e= 4.5.2-r5\n 4 app-emulation/pvgrub \u003e= 4.6.0\n *\u003e= 4.5.2\n -------------------------------------------------------------------\n NOTE: Certain packages are still vulnerable. Users should migrate\n to another package if one is available or wait for the\n existing packages to be marked stable by their\n architecture maintainers. \n -------------------------------------------------------------------\n 4 affected packages\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Xen. Please review the\nCVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Xen 4.5 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-emulation/xen-4.5.2-r5\"\n\nAll Xen 4.6 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-emulation/xen-4.6.0-r9\"\n\nAll Xen tools 4.5 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=app-emulation/xen-tools-4.5.2-r5\"\n\nAll Xen tools 4.6 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=app-emulation/xen-tools-4.6.0-r9\"\n\nAll Xen pvgrub users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-emulation/xen-pvgrub-4.6.0\"=\n\n\nReferences\n==========\n\n[ 1 ] CVE-2012-3494\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3494\n[ 2 ] CVE-2012-3495\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3495\n[ 3 ] CVE-2012-3496\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3496\n[ 4 ] CVE-2012-3497\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3497\n[ 5 ] CVE-2012-3498\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3498\n[ 6 ] CVE-2012-3515\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3515\n[ 7 ] CVE-2012-4411\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4411\n[ 8 ] CVE-2012-4535\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4535\n[ 9 ] CVE-2012-4536\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4536\n[ 10 ] CVE-2012-4537\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4537\n[ 11 ] CVE-2012-4538\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4538\n[ 12 ] CVE-2012-4539\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4539\n[ 13 ] CVE-2012-6030\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6030\n[ 14 ] CVE-2012-6031\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6031\n[ 15 ] CVE-2012-6032\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6032\n[ 16 ] CVE-2012-6033\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6033\n[ 17 ] CVE-2012-6034\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6034\n[ 18 ] CVE-2012-6035\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6035\n[ 19 ] CVE-2012-6036\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6036\n[ 20 ] CVE-2015-2151\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2151\n[ 21 ] CVE-2015-3209\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3209\n[ 22 ] CVE-2015-3259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3259\n[ 23 ] CVE-2015-3340\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3340\n[ 24 ] CVE-2015-3456\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3456\n[ 25 ] CVE-2015-4103\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4103\n[ 26 ] CVE-2015-4104\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4104\n[ 27 ] CVE-2015-4105\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4105\n[ 28 ] CVE-2015-4106\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4106\n[ 29 ] CVE-2015-4163\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4163\n[ 30 ] CVE-2015-4164\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4164\n[ 31 ] CVE-2015-5154\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5154\n[ 32 ] CVE-2015-7311\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7311\n[ 33 ] CVE-2015-7504\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7504\n[ 34 ] CVE-2015-7812\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7812\n[ 35 ] CVE-2015-7813\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7813\n[ 36 ] CVE-2015-7814\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7814\n[ 37 ] CVE-2015-7835\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7835\n[ 38 ] CVE-2015-7871\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7871\n[ 39 ] CVE-2015-7969\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7969\n[ 40 ] CVE-2015-7970\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7970\n[ 41 ] CVE-2015-7971\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7971\n[ 42 ] CVE-2015-7972\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7972\n[ 43 ] CVE-2015-8339\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8339\n[ 44 ] CVE-2015-8340\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8340\n[ 45 ] CVE-2015-8341\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8341\n[ 46 ] CVE-2015-8550\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8550\n[ 47 ] CVE-2015-8551\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8551\n[ 48 ] CVE-2015-8552\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8552\n[ 49 ] CVE-2015-8554\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8554\n[ 50 ] CVE-2015-8555\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8555\n[ 51 ] CVE-2016-2270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2270\n[ 52 ] CVE-2016-2271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2271\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201604-03\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n\n--roWGDR0oQEDLX1s6lNAQV7ISgI2Pjo8Pc\n. ============================================================================\nUbuntu Security Notice USN-2630-1\nJune 10, 2015\n\nqemu, qemu-kvm vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 15.04\n- Ubuntu 14.10\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in QEMU. \n\nSoftware Description:\n- qemu: Machine emulator and virtualizer\n- qemu-kvm: Machine emulator and virtualizer\n\nDetails:\n\nMatt Tait discovered that QEMU incorrectly handled the virtual PCNET\ndriver. In the default installation, when QEMU is used with\nlibvirt, attackers would be isolated by the libvirt AppArmor profile. \n(CVE-2015-3209)\n\nKurt Seifried discovered that QEMU incorrectly handled certain temporary\nfiles. A local attacker could use this issue to cause a denial of service. \n(CVE-2015-4037)\n\nJan Beulich discovered that the QEMU Xen code incorrectly restricted write\naccess to the host MSI message data field. A malicious guest could use this\nissue to cause a denial of service. This issue only applied to Ubuntu 14.04\nLTS, Ubuntu 14.10 and Ubuntu 15.04. (CVE-2015-4103)\n\nJan Beulich discovered that the QEMU Xen code incorrectly restricted access\nto the PCI MSI mask bits. A malicious guest could use this issue to cause a\ndenial of service. This issue only applied to Ubuntu 14.04 LTS, Ubuntu\n14.10 and Ubuntu 15.04. (CVE-2015-4104)\n\nJan Beulich discovered that the QEMU Xen code incorrectly handled MSI-X\nerror messages. A malicious guest could use this issue to cause a denial of\nservice. This issue only applied to Ubuntu 14.04 LTS, Ubuntu 14.10 and\nUbuntu 15.04. (CVE-2015-4105)\n\nJan Beulich discovered that the QEMU Xen code incorrectly restricted write\naccess to the PCI config space. A malicious guest could use this issue to\ncause a denial of service, obtain sensitive information, or possibly\nexecute arbitrary code. This issue only applied to Ubuntu 14.04 LTS,\nUbuntu 14.10 and Ubuntu 15.04. (CVE-2015-4106)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 15.04:\n qemu-system 1:2.2+dfsg-5expubuntu9.2\n qemu-system-aarch64 1:2.2+dfsg-5expubuntu9.2\n qemu-system-arm 1:2.2+dfsg-5expubuntu9.2\n qemu-system-mips 1:2.2+dfsg-5expubuntu9.2\n qemu-system-misc 1:2.2+dfsg-5expubuntu9.2\n qemu-system-ppc 1:2.2+dfsg-5expubuntu9.2\n qemu-system-sparc 1:2.2+dfsg-5expubuntu9.2\n qemu-system-x86 1:2.2+dfsg-5expubuntu9.2\n\nUbuntu 14.10:\n qemu-system 2.1+dfsg-4ubuntu6.7\n qemu-system-aarch64 2.1+dfsg-4ubuntu6.7\n qemu-system-arm 2.1+dfsg-4ubuntu6.7\n qemu-system-mips 2.1+dfsg-4ubuntu6.7\n qemu-system-misc 2.1+dfsg-4ubuntu6.7\n qemu-system-ppc 2.1+dfsg-4ubuntu6.7\n qemu-system-sparc 2.1+dfsg-4ubuntu6.7\n qemu-system-x86 2.1+dfsg-4ubuntu6.7\n\nUbuntu 14.04 LTS:\n qemu-system 2.0.0+dfsg-2ubuntu1.13\n qemu-system-aarch64 2.0.0+dfsg-2ubuntu1.13\n qemu-system-arm 2.0.0+dfsg-2ubuntu1.13\n qemu-system-mips 2.0.0+dfsg-2ubuntu1.13\n qemu-system-misc 2.0.0+dfsg-2ubuntu1.13\n qemu-system-ppc 2.0.0+dfsg-2ubuntu1.13\n qemu-system-sparc 2.0.0+dfsg-2ubuntu1.13\n qemu-system-x86 2.0.0+dfsg-2ubuntu1.13\n\nUbuntu 12.04 LTS:\n qemu-kvm 1.0+noroms-0ubuntu14.23\n\nAfter a standard system update you need to restart all QEMU virtual\nmachines to make all the necessary changes. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3209"
},
{
"db": "CNVD",
"id": "CNVD-2015-03820"
},
{
"db": "VULHUB",
"id": "VHN-81170"
},
{
"db": "PACKETSTORM",
"id": "132447"
},
{
"db": "PACKETSTORM",
"id": "132242"
},
{
"db": "PACKETSTORM",
"id": "132289"
},
{
"db": "PACKETSTORM",
"id": "132290"
},
{
"db": "PACKETSTORM",
"id": "136587"
},
{
"db": "PACKETSTORM",
"id": "132251"
},
{
"db": "PACKETSTORM",
"id": "134165"
}
],
"trust": 2.16
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2015-3209",
"trust": 3.0
},
{
"db": "BID",
"id": "75123",
"trust": 2.3
},
{
"db": "SECTRACK",
"id": "1032545",
"trust": 1.7
},
{
"db": "JUNIPER",
"id": "JSA10783",
"trust": 1.7
},
{
"db": "JUNIPER",
"id": "JSA10698",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-201506-282",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2015-03820",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "132290",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "134165",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "132289",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "132447",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "132242",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "132251",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "132240",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132241",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-81170",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136587",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03820"
},
{
"db": "VULHUB",
"id": "VHN-81170"
},
{
"db": "PACKETSTORM",
"id": "132447"
},
{
"db": "PACKETSTORM",
"id": "132242"
},
{
"db": "PACKETSTORM",
"id": "132289"
},
{
"db": "PACKETSTORM",
"id": "132290"
},
{
"db": "PACKETSTORM",
"id": "136587"
},
{
"db": "PACKETSTORM",
"id": "132251"
},
{
"db": "PACKETSTORM",
"id": "134165"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-282"
},
{
"db": "NVD",
"id": "CVE-2015-3209"
}
]
},
"id": "VAR-201506-0038",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03820"
},
{
"db": "VULHUB",
"id": "VHN-81170"
}
],
"trust": 0.06999999999999999
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03820"
}
]
},
"last_update_date": "2026-04-10T23:32:30.204000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Xen QEMU PCNET Controller Heap Overflow Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/59683"
},
{
"title": "xsa135-qemut-1",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=56387"
},
{
"title": "xsa135-qemuu-4.2-2",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=56391"
},
{
"title": "xsa135-qemuu-4.5-2",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=56395"
},
{
"title": "xsa135-qemuu-4.2-1",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=56390"
},
{
"title": "xsa135-qemuu-4.5-1",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=56394"
},
{
"title": "xsa135-qemuu-unstable",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=56389"
},
{
"title": "xsa135-qemuu-4.3-2",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=56393"
},
{
"title": "xsa135-qemut-2",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=56388"
},
{
"title": "xsa135-qemuu-4.3-1",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=56392"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03820"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-282"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81170"
},
{
"db": "NVD",
"id": "CVE-2015-3209"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.3,
"url": "http://xenbits.xen.org/xsa/advisory-135.html"
},
{
"trust": 1.8,
"url": "https://security.gentoo.org/glsa/201510-02"
},
{
"trust": 1.8,
"url": "https://security.gentoo.org/glsa/201604-03"
},
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1087.html"
},
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1189.html"
},
{
"trust": 1.8,
"url": "http://www.ubuntu.com/usn/usn-2630-1"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1032545"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/75123"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2015/dsa-3284"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2015/dsa-3285"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2015/dsa-3286"
},
{
"trust": 1.7,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-june/160669.html"
},
{
"trust": 1.7,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-june/160685.html"
},
{
"trust": 1.7,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-june/160677.html"
},
{
"trust": 1.7,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1088.html"
},
{
"trust": 1.7,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1089.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00004.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00007.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00027.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00029.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00030.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00014.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00020.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00015.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00027.html"
},
{
"trust": 1.7,
"url": "https://kb.juniper.net/jsa10783"
},
{
"trust": 1.7,
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1180-security-advisory-13"
},
{
"trust": 1.6,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10698"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/cve/cve-2015-3209"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3209"
},
{
"trust": 0.6,
"url": "https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3209"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/errata/rhsa-2015:1189"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/errata/rhsa-2015:1088"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/errata/rhsa-2015:1089"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/errata/rhsa-2015:1087"
},
{
"trust": 0.6,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1225882"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4105"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4103"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4106"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4104"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4037"
},
{
"trust": 0.2,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.2,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5154"
},
{
"trust": 0.2,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.2,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-3209"
},
{
"trust": 0.2,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026amp;id=jsa10698"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4164"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4163"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4536"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7504"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4535"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4105"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4535"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-6030"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7835"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8551"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4538"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8552"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-6036"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-6036"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7814"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4106"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8550"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3456"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3497"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4536"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3495"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-6031"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4537"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-6034"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3259"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-3340"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-2151"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4411"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7972"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4538"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-6035"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3495"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4539"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3494"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7871"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-6033"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-6032"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4537"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-6035"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-6032"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7813"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3515"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7971"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3498"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2270"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-6031"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-6030"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3498"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3497"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3494"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8555"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4163"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8340"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7311"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-3259"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2151"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8339"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-6033"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8554"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4411"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-6034"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8341"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4539"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3340"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4164"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3515"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4103"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3496"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-3456"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7969"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4104"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3496"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2271"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7812"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/qemu/2.1+dfsg-4ubuntu6.7"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/qemu-kvm/1.0+noroms-0ubuntu14.23"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/qemu/2.0.0+dfsg-2ubuntu1.13"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/qemu/1:2.2+dfsg-5expubuntu9.2"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-3214"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5154"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3214"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5158"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5158"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03820"
},
{
"db": "VULHUB",
"id": "VHN-81170"
},
{
"db": "PACKETSTORM",
"id": "132447"
},
{
"db": "PACKETSTORM",
"id": "132242"
},
{
"db": "PACKETSTORM",
"id": "132289"
},
{
"db": "PACKETSTORM",
"id": "132290"
},
{
"db": "PACKETSTORM",
"id": "136587"
},
{
"db": "PACKETSTORM",
"id": "132251"
},
{
"db": "PACKETSTORM",
"id": "134165"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-282"
},
{
"db": "NVD",
"id": "CVE-2015-3209"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CNVD",
"id": "CNVD-2015-03820",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-81170",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132447",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132242",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132289",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132290",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "136587",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132251",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "134165",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201506-282",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2015-3209",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2015-06-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-03820",
"ident": null
},
{
"date": "2015-06-15T00:00:00",
"db": "VULHUB",
"id": "VHN-81170",
"ident": null
},
{
"date": "2015-06-25T14:19:06",
"db": "PACKETSTORM",
"id": "132447",
"ident": null
},
{
"date": "2015-06-10T23:39:22",
"db": "PACKETSTORM",
"id": "132242",
"ident": null
},
{
"date": "2015-06-15T15:43:00",
"db": "PACKETSTORM",
"id": "132289",
"ident": null
},
{
"date": "2015-06-15T15:43:07",
"db": "PACKETSTORM",
"id": "132290",
"ident": null
},
{
"date": "2016-04-06T13:30:13",
"db": "PACKETSTORM",
"id": "136587",
"ident": null
},
{
"date": "2015-06-10T23:41:07",
"db": "PACKETSTORM",
"id": "132251",
"ident": null
},
{
"date": "2015-11-02T16:49:11",
"db": "PACKETSTORM",
"id": "134165",
"ident": null
},
{
"date": "2015-06-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201506-282",
"ident": null
},
{
"date": "2015-06-15T15:59:00.070000",
"db": "NVD",
"id": "CVE-2015-3209",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2015-06-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-03820",
"ident": null
},
{
"date": "2023-02-13T00:00:00",
"db": "VULHUB",
"id": "VHN-81170",
"ident": null
},
{
"date": "2023-04-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201506-282",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-3209",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201506-282"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Xen QEMU PCNET Controller Heap Overflow Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03820"
}
],
"trust": 0.6
},
"type": {
"_id": null,
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201506-282"
}
],
"trust": 0.6
}
}
VAR-201109-0200
Vulnerability from variot - Updated: 2026-04-10 23:30Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to unload event handling. Used in multiple products Webkit There is a service disruption (DoS) There are vulnerabilities that can be in a state or are otherwise unaffected.Service disruption by a third party (DoS) You may be put into a state or affected by other details. Google Chrome is prone to multiple vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of the browser, cause denial-of-service conditions, perform spoofing attacks, and bypass the same-origin policy; other attacks may also be possible. Versions prior to Chrome 14.0.835.163 are vulnerable. Google Chrome is a web browser developed by Google (Google). These could be used in a malicious web site to direct the user to a spoofed site that visually appears to be a legitimate domain. This issue is addressed through an improved domain name validity check. This issue does not affect OS X systems. Third-party websites could set cookies if the "Block Cookies" preference in Safari was set to the default setting of "From third parties and advertisers". CVE-ID CVE-2012-0640 : nshah
WebKit Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later Impact: HTTP authentication credentials may be inadvertently disclosed to another site Description: If a site uses HTTP authentication and redirects to another site, the authentication credentials may be sent to the other site. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
APPLE-SA-2012-03-07-2 iOS 5.1 Software Update
iOS 5.1 Software Update is now available and addresses the following:
CFNetwork Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website may lead to the disclosure of sensitive information Description: An issue existed in CFNetwork's handling of malformed URLs. When accessing a maliciously crafted URL, CFNetwork could send unexpected request headers. CVE-ID CVE-2012-0641 : Erling Ellingsen of Facebook
HFS Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Mounting a maliciously crafted disk image may lead to a device shutdown or arbitrary code execution Description: An integer underflow existed with the handling of HFS catalog files. CVE-ID CVE-2012-0642 : pod2g
Kernel Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: A malicious program could bypass sandbox restrictions Description: A logic issue existed in the handling of debug system calls. This may allow a malicious program to gain code execution in other programs with the same user privileges. CVE-ID CVE-2012-0643 : 2012 iOS Jailbreak Dream Team
libresolv Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Applications that use the libresolv library may be vulnerable to an unexpected application termination or arbitrary code execution Description: An integer overflow existed in the handling of DNS resource records, which may lead to heap memory corruption. CVE-ID CVE-2011-3453 : Ilja van Sprundel of IOActive
Passcode Lock Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: A person with physical access to the device may be able to bypass the screen lock Description: A race condition issue existed in the handling of slide to dial gestures. This may allow a person with physical access to the device to bypass the Passcode Lock screen. CVE-ID CVE-2012-0644 : Roland Kohler of the German Federal Ministry of Economics and Technology
Safari Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Web page visits may be recorded in browser history even when Private Browsing is active Description: Safari's Private Browsing is designed to prevent recording of a browsing session. Pages visited as a result of a site using the JavaScript methods pushState or replaceState were recorded in the browser history even when Private Browsing mode was active. This issue is addressed by not recording such visits when Private Browsing is active. CVE-ID CVE-2012-0585 : Eric Melville of American Express
Siri Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: An attacker with physical access to a locked phone could get access to frontmost email message Description: A design issue existed in Siri's lock screen restrictions. If Siri was enabled for use on the lock screen, and Mail was open with a message selected behind the lock screen, a voice command could be used to send that message to an arbitrary recipient. This issue is addressed by disabling forwarding of active messages from the lock screen. CVE-ID CVE-2012-0645
VPN Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: A maliciously crafted system configuration file may lead to arbitrary code execution with system privileges Description: A format string vulnerability existed in the handling of racoon configuration files. CVE-ID CVE-2012-0646 : pod2g
WebKit Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website may lead to the disclosure of cookies Description: A cross-origin issue existed in WebKit, which may allow cookies to be disclosed across origins. CVE-ID CVE-2011-3887 : Sergey Glazunov
WebKit Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website and dragging content with the mouse may lead to a cross-site scripting attack Description: A cross-origin issue existed in WebKit, which may allow content to be dragged and dropped across origins. CVE-ID CVE-2012-0590 : Adam Barth of Google Chrome Security Team
WebKit Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: Multiple cross-origin issues existed in WebKit. CVE-ID CVE-2011-3881 : Sergey Glazunov CVE-2012-0586 : Sergey Glazunov CVE-2012-0587 : Sergey Glazunov CVE-2012-0588 : Jochen Eisinger of Google Chrome Team CVE-2012-0589 : Alan Austin of polyvore.com
WebKit Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. CVE-ID CVE-2011-2825 : wushi of team509 working with TippingPoint's Zero Day Initiative CVE-2011-2833 : Apple CVE-2011-2846 : Arthur Gerkis, miaubiz CVE-2011-2847 : miaubiz, Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2854 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2855 : Arthur Gerkis, wushi of team509 working with iDefense VCP CVE-2011-2857 : miaubiz CVE-2011-2860 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2867 : Dirk Schulze CVE-2011-2868 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2869 : Cris Neckar of Google Chrome Security Team using AddressSanitizer CVE-2011-2870 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2871 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2872 : Abhishek Arya (Inferno) and Cris Neckar of Google Chrome Security Team using AddressSanitizer CVE-2011-2873 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2877 : miaubiz CVE-2011-3885 : miaubiz CVE-2011-3888 : miaubiz CVE-2011-3897 : pa_kt working with TippingPoint's Zero Day Initiative CVE-2011-3908 : Aki Helin of OUSPG CVE-2011-3909 : Google Chrome Security Team (scarybeasts) and Chu CVE-2011-3928 : wushi of team509 working with TippingPoint's Zero Day Initiative CVE-2012-0591 : miaubiz, and Martin Barbella CVE-2012-0592 : Alexander Gavrun working with TippingPoint's Zero Day Initiative CVE-2012-0593 : Lei Zhang of the Chromium development community CVE-2012-0594 : Adam Klein of the Chromium development community CVE-2012-0595 : Apple CVE-2012-0596 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0597 : miaubiz CVE-2012-0598 : Sergey Glazunov CVE-2012-0599 : Dmytro Gorbunov of SaveSources.com CVE-2012-0600 : Marshall Greenblatt, Dharani Govindan of Google Chrome, miaubiz, Aki Helin of OUSPG, Apple CVE-2012-0601 : Apple CVE-2012-0602 : Apple CVE-2012-0603 : Apple CVE-2012-0604 : Apple CVE-2012-0605 : Apple CVE-2012-0606 : Apple CVE-2012-0607 : Apple CVE-2012-0608 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0609 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0610 : miaubiz, Martin Barbella using AddressSanitizer CVE-2012-0611 : Martin Barbella using AddressSanitizer CVE-2012-0612 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0613 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0614 : miaubiz, Martin Barbella using AddressSanitizer CVE-2012-0615 : Martin Barbella using AddressSanitizer CVE-2012-0616 : miaubiz CVE-2012-0617 : Martin Barbella using AddressSanitizer CVE-2012-0618 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0619 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0620 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0621 : Martin Barbella using AddressSanitizer CVE-2012-0622 : Dave Levin and Abhishek Arya of the Google Chrome Security Team CVE-2012-0623 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0624 : Martin Barbella using AddressSanitizer CVE-2012-0625 : Martin Barbella CVE-2012-0626 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0627 : Apple CVE-2012-0628 : Slawomir Blazek, miaubiz, Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0629 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2012-0630 : Sergio Villar Senin of Igalia CVE-2012-0631 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2012-0632 : Cris Neckar of the Google Chrome Security Team using AddressSanitizer CVE-2012-0633 : Apple CVE-2012-0635 : Julien Chaffraix of the Chromium development community, Martin Barbella using AddressSanitizer
Installation note:
This update is only available through iTunes, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/
iTunes will automatically check Apple's update server on its weekly schedule. When an update is detected, it will download it. When the iPhone, iPod touch or iPad is docked, iTunes will present the user with the option to install the update. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iPhone, iPod touch, or iPad.
The automatic update process may take up to a week depending on the day that iTunes checks for updates. You may manually obtain the update via the Check for Updates button within iTunes. After doing this, the update can be applied when your iPhone, iPod touch, or iPad is docked to your computer.
To check that the iPhone, iPod touch, or iPad has been updated:
- Navigate to Settings
- Select General
- Select About. The version after applying this update will be "5.1".
Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.16 (Darwin)
iQEcBAEBAgAGBQJPV6M3AAoJEGnF2JsdZQeef/cIAKBSn0czLzJO9fu6ZyjLRvxq 4pIZgfyEVGBzpn+9IeiGFTkkVf+bOsA+Q3RlcsG5g0RlbyFgnuWu59HHsnkrElbM bCfnnTF5eYZX/3fnLzxpX7BUsEona3nf1gHfR24OeEn36C8rZ6rZJfMLqCJNNZGY RDSga1oeMN/AbgZuR9sYKudkE0GOmkLZfR2G4WXmrU+JncR6XoROUwoJBPhg8z90 HAxgDEbduuLLOSe7CHLS3apbh0L2tmxPCWpiBmEMg6PTlFF0HhJQJ0wusrUc8nX6 7TDsAho73wCOpChzBGQeemc6+UEN2uDmUgwVkN6n4D/qN1u6E+d3coUXOlb8hIY= =qPeE -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201111-01
http://security.gentoo.org/
Severity: High Title: Chromium, V8: Multiple vulnerabilities Date: November 01, 2011 Bugs: #351525, #353626, #354121, #356933, #357963, #358581, #360399, #363629, #365125, #366335, #367013, #368649, #370481, #373451, #373469, #377475, #377629, #380311, #380897, #381713, #383251, #385649, #388461 ID: 201111-01
Synopsis
Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code and local root privilege escalation.
Background
Chromium is an open-source web browser project. V8 is Google's open source JavaScript engine.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-client/chromium < 15.0.874.102 >= 15.0.874.102 2 dev-lang/v8 < 3.5.10.22 >= 3.5.10.22 ------------------------------------------------------------------- 2 affected packages -------------------------------------------------------------------
Description
Multiple vulnerabilities have been discovered in Chromium and V8. Please review the CVE identifiers and release notes referenced below for details.
Impact
A local attacker could gain root privileges (CVE-2011-1444, fixed in chromium-11.0.696.57).
A context-dependent attacker could entice a user to open a specially crafted web site or JavaScript program using Chromium or V8, possibly resulting in the execution of arbitrary code with the privileges of the process, or a Denial of Service condition.
Workaround
There is no known workaround at this time.
Resolution
All Chromium users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-client/chromium-15.0.874.102"
All V8 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-lang/v8-3.5.10.22"
References
[ 1 ] CVE-2011-2345 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2345 [ 2 ] CVE-2011-2346 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2346 [ 3 ] CVE-2011-2347 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2347 [ 4 ] CVE-2011-2348 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2348 [ 5 ] CVE-2011-2349 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2349 [ 6 ] CVE-2011-2350 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2350 [ 7 ] CVE-2011-2351 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2351 [ 8 ] CVE-2011-2834 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2834 [ 9 ] CVE-2011-2835 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2835 [ 10 ] CVE-2011-2837 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2837 [ 11 ] CVE-2011-2838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2838 [ 12 ] CVE-2011-2839 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2839 [ 13 ] CVE-2011-2840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2840 [ 14 ] CVE-2011-2841 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2841 [ 15 ] CVE-2011-2843 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2843 [ 16 ] CVE-2011-2844 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2844 [ 17 ] CVE-2011-2845 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2845 [ 18 ] CVE-2011-2846 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2846 [ 19 ] CVE-2011-2847 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2847 [ 20 ] CVE-2011-2848 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2848 [ 21 ] CVE-2011-2849 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2849 [ 22 ] CVE-2011-2850 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2850 [ 23 ] CVE-2011-2851 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2851 [ 24 ] CVE-2011-2852 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2852 [ 25 ] CVE-2011-2853 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2853 [ 26 ] CVE-2011-2854 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2854 [ 27 ] CVE-2011-2855 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2855 [ 28 ] CVE-2011-2856 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2856 [ 29 ] CVE-2011-2857 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2857 [ 30 ] CVE-2011-2858 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2858 [ 31 ] CVE-2011-2859 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2859 [ 32 ] CVE-2011-2860 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2860 [ 33 ] CVE-2011-2861 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2861 [ 34 ] CVE-2011-2862 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2862 [ 35 ] CVE-2011-2864 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2864 [ 36 ] CVE-2011-2874 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2874 [ 37 ] CVE-2011-3234 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3234 [ 38 ] CVE-2011-3873 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3873 [ 39 ] CVE-2011-3875 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3875 [ 40 ] CVE-2011-3876 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3876 [ 41 ] CVE-2011-3877 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3877 [ 42 ] CVE-2011-3878 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3878 [ 43 ] CVE-2011-3879 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3879 [ 44 ] CVE-2011-3880 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3880 [ 45 ] CVE-2011-3881 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3881 [ 46 ] CVE-2011-3882 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3882 [ 47 ] CVE-2011-3883 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3883 [ 48 ] CVE-2011-3884 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3884 [ 49 ] CVE-2011-3885 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3885 [ 50 ] CVE-2011-3886 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3886 [ 51 ] CVE-2011-3887 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3887 [ 52 ] CVE-2011-3888 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3888 [ 53 ] CVE-2011-3889 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3889 [ 54 ] CVE-2011-3890 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3890 [ 55 ] CVE-2011-3891 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3891 [ 56 ] Release Notes 10.0.648.127 http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html [ 57 ] Release Notes 10.0.648.133 http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html [ 58 ] Release Notes 10.0.648.205 http://googlechromereleases.blogspot.com/2011/04/stable-channel-update.html [ 59 ] Release Notes 11.0.696.57 http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html [ 60 ] Release Notes 11.0.696.65 http://googlechromereleases.blogspot.com/2011/05/beta-and-stable-channel-update.html [ 61 ] Release Notes 11.0.696.68 http://googlechromereleases.blogspot.com/2011/05/stable-channel-update.html [ 62 ] Release Notes 11.0.696.71 http://googlechromereleases.blogspot.com/2011/05/stable-channel-update_24.html [ 63 ] Release Notes 12.0.742.112 http://googlechromereleases.blogspot.com/2011/06/stable-channel-update_28.html [ 64 ] Release Notes 12.0.742.91 http://googlechromereleases.blogspot.com/2011/06/chrome-stable-release.html [ 65 ] Release Notes 13.0.782.107 http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html [ 66 ] Release Notes 13.0.782.215 http://googlechromereleases.blogspot.com/2011/08/stable-channel-update_22.html [ 67 ] Release Notes 13.0.782.220 http://googlechromereleases.blogspot.com/2011/09/stable-channel-update.html [ 68 ] Release Notes 14.0.835.163 http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html [ 69 ] Release Notes 14.0.835.202 http://googlechromereleases.blogspot.com/2011/10/stable-channel-update.html [ 70 ] Release Notes 15.0.874.102 http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html [ 71 ] Release Notes 8.0.552.237 http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html [ 72 ] Release Notes 9.0.597.107 http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_28.html [ 73 ] Release Notes 9.0.597.84 http://googlechromereleases.blogspot.com/2011/02/stable-channel-update.html [ 74 ] Release Notes 9.0.597.94 http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_08.html
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201111-01.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "chrome",
"scope": "lt",
"trust": 1.8,
"vendor": "google",
"version": "14.0.835.163"
},
{
"_id": null,
"model": "itunes",
"scope": "lt",
"trust": 1.8,
"vendor": "apple",
"version": "10.6"
},
{
"_id": null,
"model": "safari",
"scope": "lt",
"trust": 1.8,
"vendor": "apple",
"version": "5.1.4"
},
{
"_id": null,
"model": "iphone os",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "5.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.9,
"vendor": "google",
"version": "7.0.530.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.9,
"vendor": "google",
"version": "7.0.531.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.9,
"vendor": "google",
"version": "7.0.529.2"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6.8"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.7.3"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6.8"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.7.3"
},
{
"_id": null,
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "5.1 (ipad and ipad 2)"
},
{
"_id": null,
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "5.1 (iphone 3gs)"
},
{
"_id": null,
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "5.1 (iphone 4)"
},
{
"_id": null,
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "5.1 (iphone 4s)"
},
{
"_id": null,
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "5.1 (ipod touch (3rd generation) or later )"
},
{
"_id": null,
"model": "ipad",
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"_id": null,
"model": "iphone",
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"_id": null,
"model": "ipod touch",
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "6.0.472.49"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "6.0.472.50"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "6.0.472.51"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "10.0.629.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "10.0.628.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "10.0.630.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "6.0.472.52"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.100"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.5"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.0"
},
{
"_id": null,
"model": "itunes",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "10.6"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.1"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.539.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.529.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.203"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1.1"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.105"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.499.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.10"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.39"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.507.1"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.213"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.306"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.208"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.507.2"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.18"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.4"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.1"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.15"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.10"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.127"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.225"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.8"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.20"
},
{
"_id": null,
"model": "esx",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.535.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.514.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9.0.597.107"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.219"
},
{
"_id": null,
"model": "aura system platform sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.218"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.217"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.27"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.7"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.518.0"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.38"
},
{
"_id": null,
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.2"
},
{
"_id": null,
"model": "meeting exchange sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.5"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.536.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.23"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.77"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.11"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.2.1"
},
{
"_id": null,
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.209"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.226"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.37"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.3"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.531.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.26"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.8"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.7"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.2"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13.0.782.112"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "safari for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.216"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.344"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.512.0"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13.0.782.215"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.200"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.537.0"
},
{
"_id": null,
"model": "freeflow print server 73.c0.41",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.513.0"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.4"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.2.2"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.6"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"_id": null,
"model": "meeting exchange sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.57"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.3"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.0.2.20"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.303"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.506.0"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.5"
},
{
"_id": null,
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"_id": null,
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "esxi",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"_id": null,
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.211"
},
{
"_id": null,
"model": "voice portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.18"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.104"
},
{
"_id": null,
"model": "enterprise linux desktop version",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.12"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2011"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.511.4"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.503.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.521.0"
},
{
"_id": null,
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.507.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.520.0"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.528.0"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "ctpview",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.2"
},
{
"_id": null,
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.17"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.35"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.215"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.31"
},
{
"_id": null,
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.10"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.498.0"
},
{
"_id": null,
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.4"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.16"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.302"
},
{
"_id": null,
"model": "messaging storage server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.310"
},
{
"_id": null,
"model": "messaging storage server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.515.0"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.5"
},
{
"_id": null,
"model": "esxi",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.5"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.34"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.499.0"
},
{
"_id": null,
"model": "freeflow print server 73.b3.61",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.13"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "safari",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.511.2"
},
{
"_id": null,
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.1"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.4"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.529.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.503.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.24"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.33"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13.0.782.107"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "14"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.202"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.1"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.68"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.507.3"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.5.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.5"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.36"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.42"
},
{
"_id": null,
"model": "message networking sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.549.0"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.3"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.207"
},
{
"_id": null,
"model": "chrome",
"scope": "ne",
"trust": 0.3,
"vendor": "google",
"version": "14.0.835.163"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura system manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.516.0"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.3"
},
{
"_id": null,
"model": "messaging storage server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "esx",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.0"
},
{
"_id": null,
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.1"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"_id": null,
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.5"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.522.0"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9.0.597.94"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.2"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"_id": null,
"model": "enterprise linux hpc node optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.223"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.6"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.1.8"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.1"
},
{
"_id": null,
"model": "tv",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.536.4"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.3"
},
{
"_id": null,
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.28"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.30"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.6"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.204"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.3"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.551.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.128"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.19"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.301"
},
{
"_id": null,
"model": "ctpview",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.3"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.544.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.500.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.0"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.3"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.14"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.4"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.6"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.222"
},
{
"_id": null,
"model": "enterprise linux workstation optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.65"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.21"
},
{
"_id": null,
"model": "ctpview 7.0r1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.12"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.1"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "9"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.4"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.112"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.5"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.100"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.14"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.540.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.542.0"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.1"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"_id": null,
"model": "ctpview",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.6"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.7"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.510.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.547.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.536.2"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.2.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.9"
},
{
"_id": null,
"model": "itunes",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "10.5"
},
{
"_id": null,
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.4"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2011"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"_id": null,
"model": "safari beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"_id": null,
"model": "linux lts lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.13"
},
{
"_id": null,
"model": "ctpview",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.4"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.551.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.547.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.509.0"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"_id": null,
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.3"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.3"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.40"
},
{
"_id": null,
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12"
},
{
"_id": null,
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.514.1"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "safari beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.212"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.1"
},
{
"_id": null,
"model": "messaging storage server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"_id": null,
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.29"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.206"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.133"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.2"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.4"
},
{
"_id": null,
"model": "esxi",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.1"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.3"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.19"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.25"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.220"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.101"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.10"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1.2"
},
{
"_id": null,
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.7"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.8"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.0"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.511.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.531.1"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.20"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.43"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.1"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.5"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.300"
},
{
"_id": null,
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.4"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.535.1"
},
{
"_id": null,
"model": "enterprise linux server optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.10"
},
{
"_id": null,
"model": "aura conferencing sp1 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "safari for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.4"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.541.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.221"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.536.1"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "ctpview",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.6"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.524.0"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.102"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.17"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.307"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"_id": null,
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.2"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.6"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.205"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.16"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.204"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"_id": null,
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5"
},
{
"_id": null,
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.1"
},
{
"_id": null,
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.3"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.526.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.21"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.505.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.497.0"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "aura system platform sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"_id": null,
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.103"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.224"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.71"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.548.0"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"_id": null,
"model": "enterprise linux desktop optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.91"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.9"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.308"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9.0.597.84"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.210"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.550.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.525.0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "ios beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.4"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.500.0"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.309"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.214"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"_id": null,
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "10"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.201"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.11"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.32"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.22"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.672.2"
},
{
"_id": null,
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "6"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.43"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.504.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.44"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.304"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11"
},
{
"_id": null,
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.305"
},
{
"_id": null,
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0.1"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.3"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.237"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.41"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.3"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "aura conferencing standard",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "safari",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.4"
},
{
"_id": null,
"model": "esxi",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.205"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.536.3"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.2"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.538.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.519.0"
},
{
"_id": null,
"model": "messaging storage server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.2"
},
{
"_id": null,
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
}
],
"sources": [
{
"db": "BID",
"id": "49658"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-292"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002647"
},
{
"db": "NVD",
"id": "CVE-2011-2846"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:google:chrome",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:iphone_os",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:apple:ipad",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:apple:iphone",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:apple:ipod_touch",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:apple:itunes",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:apple:safari",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-002647"
}
]
},
"credits": {
"_id": null,
"data": "Ryan Sleevi of the Chromium development community, electronixtar, wbrana, Michal Zalewski of the Google Security Team, Kostya Serebryany of the Chromium development community, kuzzcc, Mario Gomes, Aaron Sigel of vtty.com, Kostya Serebryany of the Chromium",
"sources": [
{
"db": "BID",
"id": "49658"
}
],
"trust": 0.3
},
"cve": "CVE-2011-2846",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2011-2846",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-50791",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-2846",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2011-2846",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201109-292",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-50791",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50791"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-292"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002647"
},
{
"db": "NVD",
"id": "CVE-2011-2846"
}
]
},
"description": {
"_id": null,
"data": "Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to unload event handling. Used in multiple products Webkit There is a service disruption (DoS) There are vulnerabilities that can be in a state or are otherwise unaffected.Service disruption by a third party (DoS) You may be put into a state or affected by other details. Google Chrome is prone to multiple vulnerabilities. \nAttackers can exploit these issues to execute arbitrary code in the context of the browser, cause denial-of-service conditions, perform spoofing attacks, and bypass the same-origin policy; other attacks may also be possible. \nVersions prior to Chrome 14.0.835.163 are vulnerable. Google Chrome is a web browser developed by Google (Google). \nThese could be used in a malicious web site to direct the user to a\nspoofed site that visually appears to be a legitimate domain. This\nissue is addressed through an improved domain name validity check. \nThis issue does not affect OS X systems. Third-party websites could set cookies if the \"Block Cookies\"\npreference in Safari was set to the default setting of \"From third\nparties and advertisers\". \nCVE-ID\nCVE-2012-0640 : nshah\n\nWebKit\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista,\nXP SP2 or later\nImpact: HTTP authentication credentials may be inadvertently\ndisclosed to another site\nDescription: If a site uses HTTP authentication and redirects to\nanother site, the authentication credentials may be sent to the other\nsite. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2012-03-07-2 iOS 5.1 Software Update\n\niOS 5.1 Software Update is now available and addresses the following:\n\nCFNetwork\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: Visiting a maliciously crafted website may lead to the\ndisclosure of sensitive information\nDescription: An issue existed in CFNetwork\u0027s handling of malformed\nURLs. When accessing a maliciously crafted URL, CFNetwork could send\nunexpected request headers. \nCVE-ID\nCVE-2012-0641 : Erling Ellingsen of Facebook\n\nHFS\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: Mounting a maliciously crafted disk image may lead to a\ndevice shutdown or arbitrary code execution\nDescription: An integer underflow existed with the handling of HFS\ncatalog files. \nCVE-ID\nCVE-2012-0642 : pod2g\n\nKernel\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: A malicious program could bypass sandbox restrictions\nDescription: A logic issue existed in the handling of debug system\ncalls. This may allow a malicious program to gain code execution in\nother programs with the same user privileges. \nCVE-ID\nCVE-2012-0643 : 2012 iOS Jailbreak Dream Team\n\nlibresolv\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: Applications that use the libresolv library may be\nvulnerable to an unexpected application termination or arbitrary code\nexecution\nDescription: An integer overflow existed in the handling of DNS\nresource records, which may lead to heap memory corruption. \nCVE-ID\nCVE-2011-3453 : Ilja van Sprundel of IOActive\n\nPasscode Lock\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: A person with physical access to the device may be able to\nbypass the screen lock\nDescription: A race condition issue existed in the handling of slide\nto dial gestures. This may allow a person with physical access to the\ndevice to bypass the Passcode Lock screen. \nCVE-ID\nCVE-2012-0644 : Roland Kohler of the German Federal Ministry of\nEconomics and Technology\n\nSafari\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: Web page visits may be recorded in browser history even when\nPrivate Browsing is active\nDescription: Safari\u0027s Private Browsing is designed to prevent\nrecording of a browsing session. Pages visited as a result of a site\nusing the JavaScript methods pushState or replaceState were recorded\nin the browser history even when Private Browsing mode was active. \nThis issue is addressed by not recording such visits when Private\nBrowsing is active. \nCVE-ID\nCVE-2012-0585 : Eric Melville of American Express\n\nSiri\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: An attacker with physical access to a locked phone could get\naccess to frontmost email message\nDescription: A design issue existed in Siri\u0027s lock screen\nrestrictions. If Siri was enabled for use on the lock screen, and\nMail was open with a message selected behind the lock screen, a voice\ncommand could be used to send that message to an arbitrary recipient. \nThis issue is addressed by disabling forwarding of active messages\nfrom the lock screen. \nCVE-ID\nCVE-2012-0645\n\nVPN\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: A maliciously crafted system configuration file may lead to\narbitrary code execution with system privileges\nDescription: A format string vulnerability existed in the handling\nof racoon configuration files. \nCVE-ID\nCVE-2012-0646 : pod2g\n\nWebKit\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: Visiting a maliciously crafted website may lead to the\ndisclosure of cookies\nDescription: A cross-origin issue existed in WebKit, which may allow\ncookies to be disclosed across origins. \nCVE-ID\nCVE-2011-3887 : Sergey Glazunov\n\nWebKit\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: Visiting a maliciously crafted website and dragging content\nwith the mouse may lead to a cross-site scripting attack\nDescription: A cross-origin issue existed in WebKit, which may allow\ncontent to be dragged and dropped across origins. \nCVE-ID\nCVE-2012-0590 : Adam Barth of Google Chrome Security Team\n\nWebKit\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription: Multiple cross-origin issues existed in WebKit. \nCVE-ID\nCVE-2011-3881 : Sergey Glazunov\nCVE-2012-0586 : Sergey Glazunov\nCVE-2012-0587 : Sergey Glazunov\nCVE-2012-0588 : Jochen Eisinger of Google Chrome Team\nCVE-2012-0589 : Alan Austin of polyvore.com\n\nWebKit\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: Visiting a maliciously crafted website may lead to an\nunexpected application termination or arbitrary code execution\nDescription: Multiple memory corruption issues existed in WebKit. \nCVE-ID\nCVE-2011-2825 : wushi of team509 working with TippingPoint\u0027s Zero Day\nInitiative\nCVE-2011-2833 : Apple\nCVE-2011-2846 : Arthur Gerkis, miaubiz\nCVE-2011-2847 : miaubiz, Abhishek Arya (Inferno) of Google Chrome\nSecurity Team using AddressSanitizer\nCVE-2011-2854 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2011-2855 : Arthur Gerkis, wushi of team509 working with iDefense\nVCP\nCVE-2011-2857 : miaubiz\nCVE-2011-2860 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2011-2867 : Dirk Schulze\nCVE-2011-2868 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2011-2869 : Cris Neckar of Google Chrome Security Team using\nAddressSanitizer\nCVE-2011-2870 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2011-2871 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2011-2872 : Abhishek Arya (Inferno) and Cris Neckar of Google\nChrome Security Team using AddressSanitizer\nCVE-2011-2873 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2011-2877 : miaubiz\nCVE-2011-3885 : miaubiz\nCVE-2011-3888 : miaubiz\nCVE-2011-3897 : pa_kt working with TippingPoint\u0027s Zero Day Initiative\nCVE-2011-3908 : Aki Helin of OUSPG\nCVE-2011-3909 : Google Chrome Security Team (scarybeasts) and Chu\nCVE-2011-3928 : wushi of team509 working with TippingPoint\u0027s Zero Day\nInitiative\nCVE-2012-0591 : miaubiz, and Martin Barbella\nCVE-2012-0592 : Alexander Gavrun working with TippingPoint\u0027s Zero Day\nInitiative\nCVE-2012-0593 : Lei Zhang of the Chromium development community\nCVE-2012-0594 : Adam Klein of the Chromium development community\nCVE-2012-0595 : Apple\nCVE-2012-0596 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2012-0597 : miaubiz\nCVE-2012-0598 : Sergey Glazunov\nCVE-2012-0599 : Dmytro Gorbunov of SaveSources.com\nCVE-2012-0600 : Marshall Greenblatt, Dharani Govindan of Google\nChrome, miaubiz, Aki Helin of OUSPG, Apple\nCVE-2012-0601 : Apple\nCVE-2012-0602 : Apple\nCVE-2012-0603 : Apple\nCVE-2012-0604 : Apple\nCVE-2012-0605 : Apple\nCVE-2012-0606 : Apple\nCVE-2012-0607 : Apple\nCVE-2012-0608 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2012-0609 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2012-0610 : miaubiz, Martin Barbella using AddressSanitizer\nCVE-2012-0611 : Martin Barbella using AddressSanitizer\nCVE-2012-0612 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2012-0613 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2012-0614 : miaubiz, Martin Barbella using AddressSanitizer\nCVE-2012-0615 : Martin Barbella using AddressSanitizer\nCVE-2012-0616 : miaubiz\nCVE-2012-0617 : Martin Barbella using AddressSanitizer\nCVE-2012-0618 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2012-0619 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2012-0620 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2012-0621 : Martin Barbella using AddressSanitizer\nCVE-2012-0622 : Dave Levin and Abhishek Arya of the Google Chrome\nSecurity Team\nCVE-2012-0623 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2012-0624 : Martin Barbella using AddressSanitizer\nCVE-2012-0625 : Martin Barbella\nCVE-2012-0626 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2012-0627 : Apple\nCVE-2012-0628 : Slawomir Blazek, miaubiz, Abhishek Arya (Inferno) of\nGoogle Chrome Security Team using AddressSanitizer\nCVE-2012-0629 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2012-0630 : Sergio Villar Senin of Igalia\nCVE-2012-0631 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2012-0632 : Cris Neckar of the Google Chrome Security Team using\nAddressSanitizer\nCVE-2012-0633 : Apple\nCVE-2012-0635 : Julien Chaffraix of the Chromium development\ncommunity, Martin Barbella using AddressSanitizer\n\n\nInstallation note:\n\nThis update is only available through iTunes, and will not appear\nin your computer\u0027s Software Update application, or in the Apple\nDownloads site. Make sure you have an Internet connection and have\ninstalled the latest version of iTunes from www.apple.com/itunes/\n\niTunes will automatically check Apple\u0027s update server on its weekly\nschedule. When an update is detected, it will download it. When\nthe iPhone, iPod touch or iPad is docked, iTunes will present the\nuser with the option to install the update. We recommend applying\nthe update immediately if possible. Selecting Don\u0027t Install will\npresent the option the next time you connect your iPhone, iPod touch,\nor iPad. \n\nThe automatic update process may take up to a week depending on the\nday that iTunes checks for updates. You may manually obtain the\nupdate via the Check for Updates button within iTunes. After doing\nthis, the update can be applied when your iPhone, iPod touch, or iPad\nis docked to your computer. \n\nTo check that the iPhone, iPod touch, or iPad has been updated:\n\n* Navigate to Settings\n* Select General\n* Select About. The version after applying this update will be \"5.1\". \n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.16 (Darwin)\n\niQEcBAEBAgAGBQJPV6M3AAoJEGnF2JsdZQeef/cIAKBSn0czLzJO9fu6ZyjLRvxq\n4pIZgfyEVGBzpn+9IeiGFTkkVf+bOsA+Q3RlcsG5g0RlbyFgnuWu59HHsnkrElbM\nbCfnnTF5eYZX/3fnLzxpX7BUsEona3nf1gHfR24OeEn36C8rZ6rZJfMLqCJNNZGY\nRDSga1oeMN/AbgZuR9sYKudkE0GOmkLZfR2G4WXmrU+JncR6XoROUwoJBPhg8z90\nHAxgDEbduuLLOSe7CHLS3apbh0L2tmxPCWpiBmEMg6PTlFF0HhJQJ0wusrUc8nX6\n7TDsAho73wCOpChzBGQeemc6+UEN2uDmUgwVkN6n4D/qN1u6E+d3coUXOlb8hIY=\n=qPeE\n-----END PGP SIGNATURE-----\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201111-01\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Chromium, V8: Multiple vulnerabilities\n Date: November 01, 2011\n Bugs: #351525, #353626, #354121, #356933, #357963, #358581,\n #360399, #363629, #365125, #366335, #367013, #368649,\n #370481, #373451, #373469, #377475, #377629, #380311,\n #380897, #381713, #383251, #385649, #388461\n ID: 201111-01\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been reported in Chromium and V8, some of\nwhich may allow execution of arbitrary code and local root privilege\nescalation. \n\nBackground\n==========\n\nChromium is an open-source web browser project. V8 is Google\u0027s open\nsource JavaScript engine. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 www-client/chromium \u003c 15.0.874.102 \u003e= 15.0.874.102 \n 2 dev-lang/v8 \u003c 3.5.10.22 \u003e= 3.5.10.22 \n -------------------------------------------------------------------\n 2 affected packages\n -------------------------------------------------------------------\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Chromium and V8. \nPlease review the CVE identifiers and release notes referenced below\nfor details. \n\nImpact\n======\n\nA local attacker could gain root privileges (CVE-2011-1444, fixed in\nchromium-11.0.696.57). \n\nA context-dependent attacker could entice a user to open a specially\ncrafted web site or JavaScript program using Chromium or V8, possibly\nresulting in the execution of arbitrary code with the privileges of the\nprocess, or a Denial of Service condition. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Chromium users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-client/chromium-15.0.874.102\"\n\nAll V8 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-lang/v8-3.5.10.22\"\n\nReferences\n==========\n\n[ 1 ] CVE-2011-2345\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2345\n[ 2 ] CVE-2011-2346\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2346\n[ 3 ] CVE-2011-2347\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2347\n[ 4 ] CVE-2011-2348\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2348\n[ 5 ] CVE-2011-2349\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2349\n[ 6 ] CVE-2011-2350\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2350\n[ 7 ] CVE-2011-2351\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2351\n[ 8 ] CVE-2011-2834\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2834\n[ 9 ] CVE-2011-2835\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2835\n[ 10 ] CVE-2011-2837\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2837\n[ 11 ] CVE-2011-2838\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2838\n[ 12 ] CVE-2011-2839\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2839\n[ 13 ] CVE-2011-2840\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2840\n[ 14 ] CVE-2011-2841\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2841\n[ 15 ] CVE-2011-2843\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2843\n[ 16 ] CVE-2011-2844\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2844\n[ 17 ] CVE-2011-2845\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2845\n[ 18 ] CVE-2011-2846\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2846\n[ 19 ] CVE-2011-2847\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2847\n[ 20 ] CVE-2011-2848\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2848\n[ 21 ] CVE-2011-2849\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2849\n[ 22 ] CVE-2011-2850\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2850\n[ 23 ] CVE-2011-2851\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2851\n[ 24 ] CVE-2011-2852\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2852\n[ 25 ] CVE-2011-2853\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2853\n[ 26 ] CVE-2011-2854\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2854\n[ 27 ] CVE-2011-2855\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2855\n[ 28 ] CVE-2011-2856\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2856\n[ 29 ] CVE-2011-2857\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2857\n[ 30 ] CVE-2011-2858\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2858\n[ 31 ] CVE-2011-2859\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2859\n[ 32 ] CVE-2011-2860\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2860\n[ 33 ] CVE-2011-2861\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2861\n[ 34 ] CVE-2011-2862\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2862\n[ 35 ] CVE-2011-2864\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2864\n[ 36 ] CVE-2011-2874\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2874\n[ 37 ] CVE-2011-3234\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3234\n[ 38 ] CVE-2011-3873\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3873\n[ 39 ] CVE-2011-3875\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3875\n[ 40 ] CVE-2011-3876\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3876\n[ 41 ] CVE-2011-3877\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3877\n[ 42 ] CVE-2011-3878\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3878\n[ 43 ] CVE-2011-3879\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3879\n[ 44 ] CVE-2011-3880\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3880\n[ 45 ] CVE-2011-3881\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3881\n[ 46 ] CVE-2011-3882\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3882\n[ 47 ] CVE-2011-3883\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3883\n[ 48 ] CVE-2011-3884\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3884\n[ 49 ] CVE-2011-3885\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3885\n[ 50 ] CVE-2011-3886\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3886\n[ 51 ] CVE-2011-3887\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3887\n[ 52 ] CVE-2011-3888\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3888\n[ 53 ] CVE-2011-3889\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3889\n[ 54 ] CVE-2011-3890\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3890\n[ 55 ] CVE-2011-3891\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3891\n[ 56 ] Release Notes 10.0.648.127\n http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html\n[ 57 ] Release Notes 10.0.648.133\n http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html\n[ 58 ] Release Notes 10.0.648.205\n http://googlechromereleases.blogspot.com/2011/04/stable-channel-update.html\n[ 59 ] Release Notes 11.0.696.57\n http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html\n[ 60 ] Release Notes 11.0.696.65\n http://googlechromereleases.blogspot.com/2011/05/beta-and-stable-channel-update.html\n[ 61 ] Release Notes 11.0.696.68\n http://googlechromereleases.blogspot.com/2011/05/stable-channel-update.html\n[ 62 ] Release Notes 11.0.696.71\n http://googlechromereleases.blogspot.com/2011/05/stable-channel-update_24.html\n[ 63 ] Release Notes 12.0.742.112\n http://googlechromereleases.blogspot.com/2011/06/stable-channel-update_28.html\n[ 64 ] Release Notes 12.0.742.91\n http://googlechromereleases.blogspot.com/2011/06/chrome-stable-release.html\n[ 65 ] Release Notes 13.0.782.107\n http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html\n[ 66 ] Release Notes 13.0.782.215\n http://googlechromereleases.blogspot.com/2011/08/stable-channel-update_22.html\n[ 67 ] Release Notes 13.0.782.220\n http://googlechromereleases.blogspot.com/2011/09/stable-channel-update.html\n[ 68 ] Release Notes 14.0.835.163\n http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html\n[ 69 ] Release Notes 14.0.835.202\n http://googlechromereleases.blogspot.com/2011/10/stable-channel-update.html\n[ 70 ] Release Notes 15.0.874.102\n http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html\n[ 71 ] Release Notes 8.0.552.237\n http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html\n[ 72 ] Release Notes 9.0.597.107\n http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_28.html\n[ 73 ] Release Notes 9.0.597.84\n http://googlechromereleases.blogspot.com/2011/02/stable-channel-update.html\n[ 74 ] Release Notes 9.0.597.94\n http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_08.html\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201111-01.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2011 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-2846"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002647"
},
{
"db": "BID",
"id": "49658"
},
{
"db": "VULHUB",
"id": "VHN-50791"
},
{
"db": "PACKETSTORM",
"id": "110716"
},
{
"db": "PACKETSTORM",
"id": "110590"
},
{
"db": "PACKETSTORM",
"id": "110591"
},
{
"db": "PACKETSTORM",
"id": "106471"
}
],
"trust": 2.34
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2011-2846",
"trust": 3.2
},
{
"db": "OSVDB",
"id": "75545",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "48377",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "48274",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "48288",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1026774",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002647",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201109-292",
"trust": 0.7
},
{
"db": "JUNIPER",
"id": "JSA10658",
"trust": 0.3
},
{
"db": "BID",
"id": "49658",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-50791",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "110716",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "110590",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "110591",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "106471",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50791"
},
{
"db": "BID",
"id": "49658"
},
{
"db": "PACKETSTORM",
"id": "110716"
},
{
"db": "PACKETSTORM",
"id": "110590"
},
{
"db": "PACKETSTORM",
"id": "110591"
},
{
"db": "PACKETSTORM",
"id": "106471"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-292"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002647"
},
{
"db": "NVD",
"id": "CVE-2011-2846"
}
]
},
"id": "VAR-201109-0200",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-50791"
}
],
"trust": 0.01
},
"last_update_date": "2026-04-10T23:30:56.602000Z",
"patch": {
"_id": null,
"data": [
{
"title": "HT5190",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5190"
},
{
"title": "HT5191",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5191"
},
{
"title": "HT5192",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5192"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja\u0026hl=ja"
},
{
"title": "stable-channel-update_16",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html"
},
{
"title": "nacl",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=41604"
},
{
"title": "IronPortable",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=41603"
},
{
"title": "srware_iron",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=41605"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201109-292"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002647"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-416",
"trust": 1.1
},
{
"problemtype": "CWE-399",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50791"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002647"
},
{
"db": "NVD",
"id": "CVE-2011-2846"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.1,
"url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2012/mar/msg00000.html"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2012/mar/msg00001.html"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2012/mar/msg00003.html"
},
{
"trust": 1.7,
"url": "http://code.google.com/p/chromium/issues/detail?id=89219"
},
{
"trust": 1.7,
"url": "http://osvdb.org/75545"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a14451"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1026774"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/48274"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/48288"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/48377"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69872"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2846"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu428075/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu479643/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu341747/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-2846"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2847"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2855"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2854"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2846"
},
{
"trust": 0.3,
"url": "http://support.apple.com/kb/ht5504"
},
{
"trust": 0.3,
"url": "http://www.google.com/chrome"
},
{
"trust": 0.3,
"url": "https://blogs.oracle.com/sunsecurity/entry/multiple_denial_of_service_dos2"
},
{
"trust": 0.3,
"url": "/archive/1/520068"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10658\u0026cat=sirt_1\u0026actp=list"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100153798"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100156064"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100158911"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c03360041"
},
{
"trust": 0.3,
"url": "http://www.xerox.com/download/security/security-bulletin/16aeb-4cd3628b94080/cert_xrx12-009_v1.1.pdf"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2867"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3888"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2872"
},
{
"trust": 0.3,
"url": "http://support.apple.com/kb/ht1222"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2877"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2871"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2869"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2860"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3885"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2873"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2870"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2868"
},
{
"trust": 0.3,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2857"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3897"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2825"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3908"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3909"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2833"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3887"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0585"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3928"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0586"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3881"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2866"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0584"
},
{
"trust": 0.1,
"url": "http://www.apple.com/safari/download/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0592"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0595"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0596"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0594"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0591"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0593"
},
{
"trust": 0.1,
"url": "http://www.apple.com/itunes/download/"
},
{
"trust": 0.1,
"url": "https://www.apple.com/itunes/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3453"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2849"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2841"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/02/stable-channel-update.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2351"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2847"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3875"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3890"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2350"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3884"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2848"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2853"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2835"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2837"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3879"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3888"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2859"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3881"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3889"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2351"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2844"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2843"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3876"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/04/stable-channel-update.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2844"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2345"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2837"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2853"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2834"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2845"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/05/stable-channel-update.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3877"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2349"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3880"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201111-01.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2347"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2841"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2835"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2349"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2861"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2862"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2852"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2838"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/08/stable-channel-update_22.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2839"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2849"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2346"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update.html"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/05/stable-channel-update_24.html"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_28.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2858"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3891"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2855"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3887"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/06/stable-channel-update_28.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3878"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3873"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2840"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2854"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/10/stable-channel-update.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2850"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/05/beta-and-stable-channel-update.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2838"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2834"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/06/chrome-stable-release.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3883"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2851"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2840"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2857"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2851"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2856"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2346"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2347"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2846"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2348"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2850"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2852"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2856"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2874"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2348"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2864"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2350"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2345"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2860"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3234"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2845"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2848"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3886"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2839"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3882"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3885"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_08.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2843"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50791"
},
{
"db": "BID",
"id": "49658"
},
{
"db": "PACKETSTORM",
"id": "110716"
},
{
"db": "PACKETSTORM",
"id": "110590"
},
{
"db": "PACKETSTORM",
"id": "110591"
},
{
"db": "PACKETSTORM",
"id": "106471"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-292"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002647"
},
{
"db": "NVD",
"id": "CVE-2011-2846"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULHUB",
"id": "VHN-50791",
"ident": null
},
{
"db": "BID",
"id": "49658",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "110716",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "110590",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "110591",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "106471",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201109-292",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002647",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2011-2846",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2011-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-50791",
"ident": null
},
{
"date": "2011-09-16T00:00:00",
"db": "BID",
"id": "49658",
"ident": null
},
{
"date": "2012-03-13T00:58:40",
"db": "PACKETSTORM",
"id": "110716",
"ident": null
},
{
"date": "2012-03-08T22:22:22",
"db": "PACKETSTORM",
"id": "110590",
"ident": null
},
{
"date": "2012-03-08T22:23:23",
"db": "PACKETSTORM",
"id": "110591",
"ident": null
},
{
"date": "2011-11-01T15:58:39",
"db": "PACKETSTORM",
"id": "106471",
"ident": null
},
{
"date": "2011-09-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201109-292",
"ident": null
},
{
"date": "2011-11-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-002647",
"ident": null
},
{
"date": "2011-09-19T12:02:55.917000",
"db": "NVD",
"id": "CVE-2011-2846",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2020-05-08T00:00:00",
"db": "VULHUB",
"id": "VHN-50791",
"ident": null
},
{
"date": "2015-04-13T21:27:00",
"db": "BID",
"id": "49658",
"ident": null
},
{
"date": "2020-05-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201109-292",
"ident": null
},
{
"date": "2012-03-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-002647",
"ident": null
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2011-2846",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201109-292"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Used in multiple products Webkit Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-002647"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201109-292"
}
],
"trust": 0.6
}
}
VAR-201502-0366
Vulnerability from variot - Updated: 2026-04-10 23:30named in ISC BIND 9.7.0 through 9.9.6 before 9.9.6-P2 and 9.10.x before 9.10.1-P2, when DNSSEC validation and the managed-keys feature are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit, or daemon crash) by triggering an incorrect trust-anchor management scenario in which no key is ready for use. ISC BIND 9 Under certain conditions in the management of trust anchors named Service termination (DoS) Vulnerabilities exist. ISC The advisory states that: CVE-2015-1349: A Problem with Trust Anchor Management Can Cause named to Crash https://kb.isc.org/article/AA-01235/ "BIND servers which are configured to perform DNSSEC validation and which are using managed-keys (which occurs implicitly when using "dnssec-validation auto;" or "dnssec-lookaside auto;") may terminate with an assertion failure when encountering all of the following conditions in a managed trust anchor: a key which was previously trusted is now flagged as revoked; there are no other trusted keys available; there is a standby key, but it is not trusted yet This situation results in termination of the named process and denial of service to clients, and can occur in two circumstances: during an improperly-managed key rollover for one of the managed trust anchors (e.g., during a botched root key rollover), or *when deliberately triggered by an attacker, under specific and limited circumstances. ISC has demonstrated a proof-of-concept of this attack; however, the complexity of the attack is very high unless the attacker has a specific network relationship to the BIND server which is targeted"Service disruption by a remote third party (DoS) There is a possibility of being attacked. ISC BIND is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to crash the affected application, denying service to legitimate users. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Moderate: bind security update Advisory ID: RHSA-2015:0672-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0672.html Issue date: 2015-03-10 CVE Names: CVE-2015-1349 =====================================================================
- Summary:
Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7.
Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
- Description:
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.
A flaw was found in the way BIND handled trust anchor management. (CVE-2015-1349)
Red Hat would like to thank ISC for reporting this issue.
All bind users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the update, the BIND daemon (named) will be restarted automatically.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: bind-9.8.2-0.30.rc1.el6_6.2.src.rpm
i386: bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-utils-9.8.2-0.30.rc1.el6_6.2.i686.rpm
x86_64: bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-utils-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
i386: bind-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.2.i686.rpm
x86_64: bind-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: bind-9.8.2-0.30.rc1.el6_6.2.src.rpm
x86_64: bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-utils-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
x86_64: bind-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: bind-9.8.2-0.30.rc1.el6_6.2.src.rpm
i386: bind-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-utils-9.8.2-0.30.rc1.el6_6.2.i686.rpm
ppc64: bind-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.ppc.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.ppc.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm bind-utils-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm
s390x: bind-9.8.2-0.30.rc1.el6_6.2.s390x.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.2.s390x.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.s390.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.s390x.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.s390.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.s390x.rpm bind-utils-9.8.2-0.30.rc1.el6_6.2.s390x.rpm
x86_64: bind-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-utils-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
i386: bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.2.i686.rpm
ppc64: bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.ppc.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.ppc.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm
s390x: bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.s390.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.s390x.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.s390.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.s390x.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.2.s390x.rpm
x86_64: bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: bind-9.8.2-0.30.rc1.el6_6.2.src.rpm
i386: bind-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-utils-9.8.2-0.30.rc1.el6_6.2.i686.rpm
x86_64: bind-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-utils-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
i386: bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.2.i686.rpm
x86_64: bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm
Red Hat Enterprise Linux Client (v. 7):
Source: bind-9.9.4-18.el7_1.1.src.rpm
noarch: bind-license-9.9.4-18.el7_1.1.noarch.rpm
x86_64: bind-debuginfo-9.9.4-18.el7_1.1.i686.rpm bind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm bind-libs-9.9.4-18.el7_1.1.i686.rpm bind-libs-9.9.4-18.el7_1.1.x86_64.rpm bind-libs-lite-9.9.4-18.el7_1.1.i686.rpm bind-libs-lite-9.9.4-18.el7_1.1.x86_64.rpm bind-utils-9.9.4-18.el7_1.1.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: bind-9.9.4-18.el7_1.1.x86_64.rpm bind-chroot-9.9.4-18.el7_1.1.x86_64.rpm bind-debuginfo-9.9.4-18.el7_1.1.i686.rpm bind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm bind-devel-9.9.4-18.el7_1.1.i686.rpm bind-devel-9.9.4-18.el7_1.1.x86_64.rpm bind-lite-devel-9.9.4-18.el7_1.1.i686.rpm bind-lite-devel-9.9.4-18.el7_1.1.x86_64.rpm bind-sdb-9.9.4-18.el7_1.1.x86_64.rpm bind-sdb-chroot-9.9.4-18.el7_1.1.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: bind-9.9.4-18.el7_1.1.src.rpm
noarch: bind-license-9.9.4-18.el7_1.1.noarch.rpm
x86_64: bind-debuginfo-9.9.4-18.el7_1.1.i686.rpm bind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm bind-libs-9.9.4-18.el7_1.1.i686.rpm bind-libs-9.9.4-18.el7_1.1.x86_64.rpm bind-libs-lite-9.9.4-18.el7_1.1.i686.rpm bind-libs-lite-9.9.4-18.el7_1.1.x86_64.rpm bind-utils-9.9.4-18.el7_1.1.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: bind-9.9.4-18.el7_1.1.x86_64.rpm bind-chroot-9.9.4-18.el7_1.1.x86_64.rpm bind-debuginfo-9.9.4-18.el7_1.1.i686.rpm bind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm bind-devel-9.9.4-18.el7_1.1.i686.rpm bind-devel-9.9.4-18.el7_1.1.x86_64.rpm bind-lite-devel-9.9.4-18.el7_1.1.i686.rpm bind-lite-devel-9.9.4-18.el7_1.1.x86_64.rpm bind-sdb-9.9.4-18.el7_1.1.x86_64.rpm bind-sdb-chroot-9.9.4-18.el7_1.1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: bind-9.9.4-18.el7_1.1.src.rpm
noarch: bind-license-9.9.4-18.el7_1.1.noarch.rpm
ppc64: bind-9.9.4-18.el7_1.1.ppc64.rpm bind-chroot-9.9.4-18.el7_1.1.ppc64.rpm bind-debuginfo-9.9.4-18.el7_1.1.ppc.rpm bind-debuginfo-9.9.4-18.el7_1.1.ppc64.rpm bind-libs-9.9.4-18.el7_1.1.ppc.rpm bind-libs-9.9.4-18.el7_1.1.ppc64.rpm bind-libs-lite-9.9.4-18.el7_1.1.ppc.rpm bind-libs-lite-9.9.4-18.el7_1.1.ppc64.rpm bind-utils-9.9.4-18.el7_1.1.ppc64.rpm
s390x: bind-9.9.4-18.el7_1.1.s390x.rpm bind-chroot-9.9.4-18.el7_1.1.s390x.rpm bind-debuginfo-9.9.4-18.el7_1.1.s390.rpm bind-debuginfo-9.9.4-18.el7_1.1.s390x.rpm bind-libs-9.9.4-18.el7_1.1.s390.rpm bind-libs-9.9.4-18.el7_1.1.s390x.rpm bind-libs-lite-9.9.4-18.el7_1.1.s390.rpm bind-libs-lite-9.9.4-18.el7_1.1.s390x.rpm bind-utils-9.9.4-18.el7_1.1.s390x.rpm
x86_64: bind-9.9.4-18.el7_1.1.x86_64.rpm bind-chroot-9.9.4-18.el7_1.1.x86_64.rpm bind-debuginfo-9.9.4-18.el7_1.1.i686.rpm bind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm bind-libs-9.9.4-18.el7_1.1.i686.rpm bind-libs-9.9.4-18.el7_1.1.x86_64.rpm bind-libs-lite-9.9.4-18.el7_1.1.i686.rpm bind-libs-lite-9.9.4-18.el7_1.1.x86_64.rpm bind-utils-9.9.4-18.el7_1.1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: bind-9.9.4-18.ael7b_1.1.src.rpm
noarch: bind-license-9.9.4-18.ael7b_1.1.noarch.rpm
ppc64le: bind-9.9.4-18.ael7b_1.1.ppc64le.rpm bind-chroot-9.9.4-18.ael7b_1.1.ppc64le.rpm bind-debuginfo-9.9.4-18.ael7b_1.1.ppc64le.rpm bind-libs-9.9.4-18.ael7b_1.1.ppc64le.rpm bind-libs-lite-9.9.4-18.ael7b_1.1.ppc64le.rpm bind-utils-9.9.4-18.ael7b_1.1.ppc64le.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: bind-debuginfo-9.9.4-18.el7_1.1.ppc.rpm bind-debuginfo-9.9.4-18.el7_1.1.ppc64.rpm bind-devel-9.9.4-18.el7_1.1.ppc.rpm bind-devel-9.9.4-18.el7_1.1.ppc64.rpm bind-lite-devel-9.9.4-18.el7_1.1.ppc.rpm bind-lite-devel-9.9.4-18.el7_1.1.ppc64.rpm bind-sdb-9.9.4-18.el7_1.1.ppc64.rpm bind-sdb-chroot-9.9.4-18.el7_1.1.ppc64.rpm
s390x: bind-debuginfo-9.9.4-18.el7_1.1.s390.rpm bind-debuginfo-9.9.4-18.el7_1.1.s390x.rpm bind-devel-9.9.4-18.el7_1.1.s390.rpm bind-devel-9.9.4-18.el7_1.1.s390x.rpm bind-lite-devel-9.9.4-18.el7_1.1.s390.rpm bind-lite-devel-9.9.4-18.el7_1.1.s390x.rpm bind-sdb-9.9.4-18.el7_1.1.s390x.rpm bind-sdb-chroot-9.9.4-18.el7_1.1.s390x.rpm
x86_64: bind-debuginfo-9.9.4-18.el7_1.1.i686.rpm bind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm bind-devel-9.9.4-18.el7_1.1.i686.rpm bind-devel-9.9.4-18.el7_1.1.x86_64.rpm bind-lite-devel-9.9.4-18.el7_1.1.i686.rpm bind-lite-devel-9.9.4-18.el7_1.1.x86_64.rpm bind-sdb-9.9.4-18.el7_1.1.x86_64.rpm bind-sdb-chroot-9.9.4-18.el7_1.1.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64le: bind-debuginfo-9.9.4-18.ael7b_1.1.ppc64le.rpm bind-devel-9.9.4-18.ael7b_1.1.ppc64le.rpm bind-lite-devel-9.9.4-18.ael7b_1.1.ppc64le.rpm bind-sdb-9.9.4-18.ael7b_1.1.ppc64le.rpm bind-sdb-chroot-9.9.4-18.ael7b_1.1.ppc64le.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: bind-9.9.4-18.el7_1.1.src.rpm
noarch: bind-license-9.9.4-18.el7_1.1.noarch.rpm
x86_64: bind-9.9.4-18.el7_1.1.x86_64.rpm bind-chroot-9.9.4-18.el7_1.1.x86_64.rpm bind-debuginfo-9.9.4-18.el7_1.1.i686.rpm bind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm bind-libs-9.9.4-18.el7_1.1.i686.rpm bind-libs-9.9.4-18.el7_1.1.x86_64.rpm bind-libs-lite-9.9.4-18.el7_1.1.i686.rpm bind-libs-lite-9.9.4-18.el7_1.1.x86_64.rpm bind-utils-9.9.4-18.el7_1.1.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: bind-debuginfo-9.9.4-18.el7_1.1.i686.rpm bind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm bind-devel-9.9.4-18.el7_1.1.i686.rpm bind-devel-9.9.4-18.el7_1.1.x86_64.rpm bind-lite-devel-9.9.4-18.el7_1.1.i686.rpm bind-lite-devel-9.9.4-18.el7_1.1.x86_64.rpm bind-sdb-9.9.4-18.el7_1.1.x86_64.rpm bind-sdb-chroot-9.9.4-18.el7_1.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2015-1349 https://access.redhat.com/security/updates/classification/#moderate
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFU/7nhXlSAg2UNWIIRArKUAJ9WX/XGIY2BbVU1+km5wJAaBaPytQCdGBnW 7ZfcyFEskWi6YX7JcLMs9Fg= =dWCz -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
Release Date: 2015-07-17 Last Updated: 2015-07-17
Potential Security Impact: Remote Denial of Service (DoS)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS).
References:
CVE-2015-1349 CVE-2015-4620 SSRT101976
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.31 running BIND 9.7.3 prior to C.9.7.3.7.0
HP-UX B.11.31 running BIND 9.9.4 prior to C.9.9.4.3.0
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2015-1349 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4 CVE-2015-4620 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided updated versions of the BIND service to resolve this vulnerability.
BIND 9.7.3 for HP-UX Release Depot Name Download location
B.11.31 (PA and IA) HP_UX_11.31_HPUX-NameServer_C.9.7.3.7.0_HP-UX_B.11.31_IA_PA.depot https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumbe r=BIND
BIND 9.9.4 for HP-UX Release Depot Name Download location
B.11.31 (PA and IA) HP_UX_11.31_HPUX-NameServer_C.9.9.4.3.0_HP-UX_B.11.31_IA_PA.depot https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumbe r=BIND
MANUAL ACTIONS: Yes - Update Download and install the software update
PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
For BIND 9.7.3 HP-UX B.11.31 ================== NameService.BIND-AUX NameService.BIND-RUN action: install revision C.9.7.3.7.0 or subsequent
For BIND 9.9.4 HP-UX B.11.31 ================== NameService.BIND-AUX NameService.BIND-RUN action: install revision C.9.9.4.3.0 or subsequent
END AFFECTED VERSIONS
HISTORY Version:1 (rev.1) - 17 July 2015 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. This can lead to resource exhaustion and denial of service (up to and including termination of the named server process) (CVE-2014-8500).
Jan-Piet Mens discovered that the BIND DNS server would crash when processing an invalid DNSSEC key rollover, either due to an error on the zone operator's part, or due to interference with network traffic by an attacker. This issue affects configurations with the directives "dnssec-lookaside auto;" (as enabled in the Mandriva default configuration) or "dnssec-validation auto;" (CVE-2015-1349).
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8500 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1349 http://advisories.mageia.org/MGASA-2014-0524.html http://advisories.mageia.org/MGASA-2015-0082.html
Updated Packages:
Mandriva Business Server 2/X86_64: a2cf83873b09b47275d0030063a236c8 mbs2/x86_64/bind-9.10.1.P2-7.mbs2.x86_64.rpm 83d97de0884ef84b933cb06bfbbce24a mbs2/x86_64/bind-devel-9.10.1.P2-7.mbs2.x86_64.rpm 633a8a160c3be4dda5f134550288df8f mbs2/x86_64/bind-doc-9.10.1.P2-7.mbs2.noarch.rpm 40760cee0f0c97261b80d159ab60cb32 mbs2/x86_64/bind-sdb-9.10.1.P2-7.mbs2.x86_64.rpm ec17a87a3d0e50c4a1c33c84adc0c08b mbs2/x86_64/bind-utils-9.10.1.P2-7.mbs2.x86_64.rpm 95f44b351208cfcbf15108dc707b0f21 mbs2/SRPMS/bind-9.10.1.P2-7.mbs2.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/en/support/security/advisories/
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux)
iD8DBQFVGDuOmqjQ0CJFipgRAqQsAJ9YWfOhd3JZjB1DstzQh7xCT2fJWQCfYwBx FGoDrVNSJeks4jEO5ZrIaN8= =0F9B -----END PGP SIGNATURE----- .
For the stable distribution (wheezy), this problem has been fixed in version 1:9.8.4.dfsg.P1-6+nmu2+deb7u4. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
============================================================================= FreeBSD-SA-15:05.bind Security Advisory The FreeBSD Project
Topic: BIND remote denial of service vulnerability
Category: contrib Module: bind Announced: 2015-02-25 Credits: ISC Affects: FreeBSD 8.x and FreeBSD 9.x. Corrected: 2015-02-18 22:20:19 UTC (stable/9, 9.3-STABLE) 2015-02-25 05:56:54 UTC (releng/9.3, 9.3-RELEASE-p10) 2015-02-18 22:29:52 UTC (stable/8, 8.4-STABLE) 2015-02-25 05:56:54 UTC (releng/8.4, 8.4-RELEASE-p24) CVE Name: CVE-2015-1349
For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .
II. Problem Description
BIND servers which are configured to perform DNSSEC validation and which are using managed keys (which occurs implicitly when using "dnssec-validation auto;" or "dnssec-lookaside auto;") may exhibit unpredictable behavior due to the use of an improperly initialized variable.
III.
IV. Workaround
Only systems that runs BIND, including recursive resolvers and authoritative servers that performs DNSSEC validation and using managed-keys are affected.
This issue can be worked around by not using "auto" for the dnssec-validation or dnssec-lookaside options and do not configure a managed-keys statement. Note that in order to do DNSSEC validation with this workaround one would have to configure an explicit trusted-keys statement with the appropriate keys.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:
freebsd-update fetch
freebsd-update install
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
fetch https://security.FreeBSD.org/patches/SA-15:05/bind.patch
fetch https://security.FreeBSD.org/patches/SA-15:05/bind.patch.asc
gpg --verify bind.patch.asc
b) Apply the patch. Execute the following commands as root:
cd /usr/src
patch < /path/to/patch
c) Recompile the operating system using buildworld and installworld as described in .
Restart the applicable daemons, or reboot the system.
VI. Correction details
The following list contains the correction revision numbers for each affected branch.
Branch/path Revision
stable/8/ r278973 releng/8.4/ r279265 stable/9/ r278972 releng/9.3/ r279265
To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:
svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
VII. ============================================================================ Ubuntu Security Notice USN-2503-1 February 18, 2015
bind9 vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.10
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
Bind could be made to crash if it received specially crafted network traffic.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.10: bind9 1:9.9.5.dfsg-4.3ubuntu0.2
Ubuntu 14.04 LTS: bind9 1:9.9.5.dfsg-3ubuntu0.2
Ubuntu 12.04 LTS: bind9 1:9.8.1.dfsg.P1-4ubuntu0.10
In general, a standard system update will make all the necessary changes. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201510-01
https://security.gentoo.org/
Severity: Normal Title: BIND: Denial of Service Date: October 18, 2015 Bugs: #540640, #553584, #556150, #559462 ID: 201510-01
Synopsis
A vulnerability in BIND could lead to a Denial of Service condition.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-dns/bind < 9.10.2_p4 >= 9.10.2_p4
Description
A vulnerability has been discovered in BIND's named utility leading to a Denial of Service condition.
Workaround
There is no known workaround at this time.
Resolution
All BIND users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-dns/bind-9.10.2_p4"
References
[ 1 ] CVE-2015-1349 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1349 [ 2 ] CVE-2015-4620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4620 [ 3 ] CVE-2015-5477 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5477 [ 4 ] CVE-2015-5722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5722 [ 5 ] CVE-2015-5986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5986
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201510-01
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2015 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.6,
"vendor": "isc",
"version": "9.8.3"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.6,
"vendor": "isc",
"version": "9.8.1"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.6,
"vendor": "isc",
"version": "9.7.6"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.6,
"vendor": "isc",
"version": "9.9.0"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.6,
"vendor": "isc",
"version": "9.8.0"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.3,
"vendor": "isc",
"version": "9.7.1"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.3,
"vendor": "isc",
"version": "9.7.0"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.7.5"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.7.7"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.10.0"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.7.3"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.10.2"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.9.5"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.9.3"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.8.2"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.9.4"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.7.2"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.9.1"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.8.5"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.9.6"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.7.4"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.9.2"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.10.1"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.9.7"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.8.6"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.8.4"
},
{
"_id": null,
"model": "bind",
"scope": "lte",
"trust": 0.8,
"vendor": "isc",
"version": "9.7.0 from 9.10.1-p1"
},
{
"_id": null,
"model": "macos server",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "5.0.3 (os x yosemite v10.10.5 or later )"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.6,
"vendor": "isc",
"version": "9.7.0b1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.10"
},
{
"_id": null,
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "opensuse evergreen",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux server eus 6.6.z",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1x8664"
},
{
"_id": null,
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1"
},
{
"_id": null,
"model": "northstar controller application",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2.1.0"
},
{
"_id": null,
"model": "bind 9.7.1-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.1"
},
{
"_id": null,
"model": "bind p2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.0"
},
{
"_id": null,
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "9.3-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-release-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-rc3-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-rc2-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-rc2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-rc1-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-rc",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-beta3-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-beta1-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-beta1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-beta1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.3"
},
{
"_id": null,
"model": "9.2-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p8",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p16",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p15",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p13",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p12",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-rc3-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-rc2-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-rc2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-rc1-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-rc1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.2"
},
{
"_id": null,
"model": "rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.2"
},
{
"_id": null,
"model": "prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.2"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.2"
},
{
"_id": null,
"model": "9.1-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p23",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p22",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p20",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p19",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p18",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p17",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p16",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p15",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p14",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p12",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-rc2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-rc1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1--releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.1"
},
{
"_id": null,
"model": "release-p4",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.1"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.1"
},
{
"_id": null,
"model": "9.0-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.0-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.0-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.0-release",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.0-rc3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.0-rc1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.0--releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.0"
},
{
"_id": null,
"model": "8.4-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.4-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.4-release-p8",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.4-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.4-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.4-release-p23",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.4-release-p20",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.4-release-p19",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.4-release-p17",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.4-release-p16",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.4-release-p15",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.4-release-p14",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.4-release-p13",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.4-release-p12",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.4-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.4-rc2-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.4-rc1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.4-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.4-beta1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.4"
},
{
"_id": null,
"model": "8.3-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.3-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.3-release-p8",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.3-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.3-release-p16",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.3-release-p15",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.3-release-p14",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.3-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.3"
},
{
"_id": null,
"model": "8.2-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.2-release-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.2-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.2-release",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "release -p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.2-"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.2"
},
{
"_id": null,
"model": "8.1-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.1-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.1-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.1-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.1-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.1-release",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.1-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.1"
},
{
"_id": null,
"model": "8.0-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.0-release",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.0-rc1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "-release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.0"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.0"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"_id": null,
"model": "session border controller for enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.0"
},
{
"_id": null,
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"_id": null,
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"_id": null,
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"_id": null,
"model": "cms",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "17.0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura conferencing",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"_id": null,
"model": "aura conferencing",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"_id": null,
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x4.1.5"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x3.2.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x3.2.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x3.1.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x4.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x4.0"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x3.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x3.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.5"
},
{
"_id": null,
"model": "northstar controller application service pack",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "2.1.01"
},
{
"_id": null,
"model": "9.3-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-release-p10",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.4-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.4-release-p24",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x5.0.3"
}
],
"sources": [
{
"db": "BID",
"id": "72673"
},
{
"db": "CNNVD",
"id": "CNNVD-201502-414"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001534"
},
{
"db": "NVD",
"id": "CVE-2015-1349"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:isc:bind",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:os_x_server",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-001534"
}
]
},
"credits": {
"_id": null,
"data": "Jan-Piet Mens",
"sources": [
{
"db": "BID",
"id": "72673"
}
],
"trust": 0.3
},
"cve": "CVE-2015-1349",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 5.4,
"confidentialityImpact": "NONE",
"exploitabilityScore": 4.9,
"id": "CVE-2015-1349",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-1349",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-1349",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201502-414",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201502-414"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001534"
},
{
"db": "NVD",
"id": "CVE-2015-1349"
}
]
},
"description": {
"_id": null,
"data": "named in ISC BIND 9.7.0 through 9.9.6 before 9.9.6-P2 and 9.10.x before 9.10.1-P2, when DNSSEC validation and the managed-keys feature are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit, or daemon crash) by triggering an incorrect trust-anchor management scenario in which no key is ready for use. ISC BIND 9 Under certain conditions in the management of trust anchors named Service termination (DoS) Vulnerabilities exist. ISC The advisory states that: CVE-2015-1349: A Problem with Trust Anchor Management Can Cause named to Crash https://kb.isc.org/article/AA-01235/ \"BIND servers which are configured to perform DNSSEC validation and which are using managed-keys (which occurs implicitly when using \"dnssec-validation auto;\" or \"dnssec-lookaside auto;\") may terminate with an assertion failure when encountering all of the following conditions in a managed trust anchor: *a key which was previously trusted is now flagged as revoked; *there are no other trusted keys available; *there is a standby key, but it is not trusted yet This situation results in termination of the named process and denial of service to clients, and can occur in two circumstances: *during an improperly-managed key rollover for one of the managed trust anchors (e.g., during a botched root key rollover), or *when deliberately triggered by an attacker, under specific and limited circumstances. ISC has demonstrated a proof-of-concept of this attack; however, the complexity of the attack is very high unless the attacker has a specific network relationship to the BIND server which is targeted\"Service disruption by a remote third party (DoS) There is a possibility of being attacked. ISC BIND is prone to a remote denial-of-service vulnerability. \nAttackers can exploit this issue to crash the affected application, denying service to legitimate users. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Moderate: bind security update\nAdvisory ID: RHSA-2015:0672-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2015-0672.html\nIssue date: 2015-03-10\nCVE Names: CVE-2015-1349 \n=====================================================================\n\n1. Summary:\n\nUpdated bind packages that fix one security issue are now available for Red\nHat Enterprise Linux 6 and 7. \n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly. \n\nA flaw was found in the way BIND handled trust anchor management. (CVE-2015-1349)\n\nRed Hat would like to thank ISC for reporting this issue. \n\nAll bind users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdate, the BIND daemon (named) will be restarted automatically. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nbind-9.8.2-0.30.rc1.el6_6.2.src.rpm\n\ni386:\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-utils-9.8.2-0.30.rc1.el6_6.2.i686.rpm\n\nx86_64:\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-libs-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-utils-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\ni386:\nbind-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-chroot-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-sdb-9.8.2-0.30.rc1.el6_6.2.i686.rpm\n\nx86_64:\nbind-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-chroot-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-devel-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-sdb-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nbind-9.8.2-0.30.rc1.el6_6.2.src.rpm\n\nx86_64:\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-libs-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-utils-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nx86_64:\nbind-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-chroot-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-devel-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-sdb-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nbind-9.8.2-0.30.rc1.el6_6.2.src.rpm\n\ni386:\nbind-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-chroot-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-utils-9.8.2-0.30.rc1.el6_6.2.i686.rpm\n\nppc64:\nbind-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm\nbind-chroot-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.ppc.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm\nbind-libs-9.8.2-0.30.rc1.el6_6.2.ppc.rpm\nbind-libs-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm\nbind-utils-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm\n\ns390x:\nbind-9.8.2-0.30.rc1.el6_6.2.s390x.rpm\nbind-chroot-9.8.2-0.30.rc1.el6_6.2.s390x.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.s390.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.s390x.rpm\nbind-libs-9.8.2-0.30.rc1.el6_6.2.s390.rpm\nbind-libs-9.8.2-0.30.rc1.el6_6.2.s390x.rpm\nbind-utils-9.8.2-0.30.rc1.el6_6.2.s390x.rpm\n\nx86_64:\nbind-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-chroot-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-libs-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-utils-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\ni386:\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-sdb-9.8.2-0.30.rc1.el6_6.2.i686.rpm\n\nppc64:\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.ppc.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm\nbind-devel-9.8.2-0.30.rc1.el6_6.2.ppc.rpm\nbind-devel-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm\nbind-sdb-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm\n\ns390x:\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.s390.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.s390x.rpm\nbind-devel-9.8.2-0.30.rc1.el6_6.2.s390.rpm\nbind-devel-9.8.2-0.30.rc1.el6_6.2.s390x.rpm\nbind-sdb-9.8.2-0.30.rc1.el6_6.2.s390x.rpm\n\nx86_64:\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-devel-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-sdb-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nbind-9.8.2-0.30.rc1.el6_6.2.src.rpm\n\ni386:\nbind-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-chroot-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-utils-9.8.2-0.30.rc1.el6_6.2.i686.rpm\n\nx86_64:\nbind-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-chroot-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-libs-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-utils-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\ni386:\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-sdb-9.8.2-0.30.rc1.el6_6.2.i686.rpm\n\nx86_64:\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm\nbind-devel-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\nbind-sdb-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nbind-9.9.4-18.el7_1.1.src.rpm\n\nnoarch:\nbind-license-9.9.4-18.el7_1.1.noarch.rpm\n\nx86_64:\nbind-debuginfo-9.9.4-18.el7_1.1.i686.rpm\nbind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm\nbind-libs-9.9.4-18.el7_1.1.i686.rpm\nbind-libs-9.9.4-18.el7_1.1.x86_64.rpm\nbind-libs-lite-9.9.4-18.el7_1.1.i686.rpm\nbind-libs-lite-9.9.4-18.el7_1.1.x86_64.rpm\nbind-utils-9.9.4-18.el7_1.1.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nbind-9.9.4-18.el7_1.1.x86_64.rpm\nbind-chroot-9.9.4-18.el7_1.1.x86_64.rpm\nbind-debuginfo-9.9.4-18.el7_1.1.i686.rpm\nbind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm\nbind-devel-9.9.4-18.el7_1.1.i686.rpm\nbind-devel-9.9.4-18.el7_1.1.x86_64.rpm\nbind-lite-devel-9.9.4-18.el7_1.1.i686.rpm\nbind-lite-devel-9.9.4-18.el7_1.1.x86_64.rpm\nbind-sdb-9.9.4-18.el7_1.1.x86_64.rpm\nbind-sdb-chroot-9.9.4-18.el7_1.1.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nbind-9.9.4-18.el7_1.1.src.rpm\n\nnoarch:\nbind-license-9.9.4-18.el7_1.1.noarch.rpm\n\nx86_64:\nbind-debuginfo-9.9.4-18.el7_1.1.i686.rpm\nbind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm\nbind-libs-9.9.4-18.el7_1.1.i686.rpm\nbind-libs-9.9.4-18.el7_1.1.x86_64.rpm\nbind-libs-lite-9.9.4-18.el7_1.1.i686.rpm\nbind-libs-lite-9.9.4-18.el7_1.1.x86_64.rpm\nbind-utils-9.9.4-18.el7_1.1.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nbind-9.9.4-18.el7_1.1.x86_64.rpm\nbind-chroot-9.9.4-18.el7_1.1.x86_64.rpm\nbind-debuginfo-9.9.4-18.el7_1.1.i686.rpm\nbind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm\nbind-devel-9.9.4-18.el7_1.1.i686.rpm\nbind-devel-9.9.4-18.el7_1.1.x86_64.rpm\nbind-lite-devel-9.9.4-18.el7_1.1.i686.rpm\nbind-lite-devel-9.9.4-18.el7_1.1.x86_64.rpm\nbind-sdb-9.9.4-18.el7_1.1.x86_64.rpm\nbind-sdb-chroot-9.9.4-18.el7_1.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nbind-9.9.4-18.el7_1.1.src.rpm\n\nnoarch:\nbind-license-9.9.4-18.el7_1.1.noarch.rpm\n\nppc64:\nbind-9.9.4-18.el7_1.1.ppc64.rpm\nbind-chroot-9.9.4-18.el7_1.1.ppc64.rpm\nbind-debuginfo-9.9.4-18.el7_1.1.ppc.rpm\nbind-debuginfo-9.9.4-18.el7_1.1.ppc64.rpm\nbind-libs-9.9.4-18.el7_1.1.ppc.rpm\nbind-libs-9.9.4-18.el7_1.1.ppc64.rpm\nbind-libs-lite-9.9.4-18.el7_1.1.ppc.rpm\nbind-libs-lite-9.9.4-18.el7_1.1.ppc64.rpm\nbind-utils-9.9.4-18.el7_1.1.ppc64.rpm\n\ns390x:\nbind-9.9.4-18.el7_1.1.s390x.rpm\nbind-chroot-9.9.4-18.el7_1.1.s390x.rpm\nbind-debuginfo-9.9.4-18.el7_1.1.s390.rpm\nbind-debuginfo-9.9.4-18.el7_1.1.s390x.rpm\nbind-libs-9.9.4-18.el7_1.1.s390.rpm\nbind-libs-9.9.4-18.el7_1.1.s390x.rpm\nbind-libs-lite-9.9.4-18.el7_1.1.s390.rpm\nbind-libs-lite-9.9.4-18.el7_1.1.s390x.rpm\nbind-utils-9.9.4-18.el7_1.1.s390x.rpm\n\nx86_64:\nbind-9.9.4-18.el7_1.1.x86_64.rpm\nbind-chroot-9.9.4-18.el7_1.1.x86_64.rpm\nbind-debuginfo-9.9.4-18.el7_1.1.i686.rpm\nbind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm\nbind-libs-9.9.4-18.el7_1.1.i686.rpm\nbind-libs-9.9.4-18.el7_1.1.x86_64.rpm\nbind-libs-lite-9.9.4-18.el7_1.1.i686.rpm\nbind-libs-lite-9.9.4-18.el7_1.1.x86_64.rpm\nbind-utils-9.9.4-18.el7_1.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nbind-9.9.4-18.ael7b_1.1.src.rpm\n\nnoarch:\nbind-license-9.9.4-18.ael7b_1.1.noarch.rpm\n\nppc64le:\nbind-9.9.4-18.ael7b_1.1.ppc64le.rpm\nbind-chroot-9.9.4-18.ael7b_1.1.ppc64le.rpm\nbind-debuginfo-9.9.4-18.ael7b_1.1.ppc64le.rpm\nbind-libs-9.9.4-18.ael7b_1.1.ppc64le.rpm\nbind-libs-lite-9.9.4-18.ael7b_1.1.ppc64le.rpm\nbind-utils-9.9.4-18.ael7b_1.1.ppc64le.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nbind-debuginfo-9.9.4-18.el7_1.1.ppc.rpm\nbind-debuginfo-9.9.4-18.el7_1.1.ppc64.rpm\nbind-devel-9.9.4-18.el7_1.1.ppc.rpm\nbind-devel-9.9.4-18.el7_1.1.ppc64.rpm\nbind-lite-devel-9.9.4-18.el7_1.1.ppc.rpm\nbind-lite-devel-9.9.4-18.el7_1.1.ppc64.rpm\nbind-sdb-9.9.4-18.el7_1.1.ppc64.rpm\nbind-sdb-chroot-9.9.4-18.el7_1.1.ppc64.rpm\n\ns390x:\nbind-debuginfo-9.9.4-18.el7_1.1.s390.rpm\nbind-debuginfo-9.9.4-18.el7_1.1.s390x.rpm\nbind-devel-9.9.4-18.el7_1.1.s390.rpm\nbind-devel-9.9.4-18.el7_1.1.s390x.rpm\nbind-lite-devel-9.9.4-18.el7_1.1.s390.rpm\nbind-lite-devel-9.9.4-18.el7_1.1.s390x.rpm\nbind-sdb-9.9.4-18.el7_1.1.s390x.rpm\nbind-sdb-chroot-9.9.4-18.el7_1.1.s390x.rpm\n\nx86_64:\nbind-debuginfo-9.9.4-18.el7_1.1.i686.rpm\nbind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm\nbind-devel-9.9.4-18.el7_1.1.i686.rpm\nbind-devel-9.9.4-18.el7_1.1.x86_64.rpm\nbind-lite-devel-9.9.4-18.el7_1.1.i686.rpm\nbind-lite-devel-9.9.4-18.el7_1.1.x86_64.rpm\nbind-sdb-9.9.4-18.el7_1.1.x86_64.rpm\nbind-sdb-chroot-9.9.4-18.el7_1.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64le:\nbind-debuginfo-9.9.4-18.ael7b_1.1.ppc64le.rpm\nbind-devel-9.9.4-18.ael7b_1.1.ppc64le.rpm\nbind-lite-devel-9.9.4-18.ael7b_1.1.ppc64le.rpm\nbind-sdb-9.9.4-18.ael7b_1.1.ppc64le.rpm\nbind-sdb-chroot-9.9.4-18.ael7b_1.1.ppc64le.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nbind-9.9.4-18.el7_1.1.src.rpm\n\nnoarch:\nbind-license-9.9.4-18.el7_1.1.noarch.rpm\n\nx86_64:\nbind-9.9.4-18.el7_1.1.x86_64.rpm\nbind-chroot-9.9.4-18.el7_1.1.x86_64.rpm\nbind-debuginfo-9.9.4-18.el7_1.1.i686.rpm\nbind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm\nbind-libs-9.9.4-18.el7_1.1.i686.rpm\nbind-libs-9.9.4-18.el7_1.1.x86_64.rpm\nbind-libs-lite-9.9.4-18.el7_1.1.i686.rpm\nbind-libs-lite-9.9.4-18.el7_1.1.x86_64.rpm\nbind-utils-9.9.4-18.el7_1.1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nbind-debuginfo-9.9.4-18.el7_1.1.i686.rpm\nbind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm\nbind-devel-9.9.4-18.el7_1.1.i686.rpm\nbind-devel-9.9.4-18.el7_1.1.x86_64.rpm\nbind-lite-devel-9.9.4-18.el7_1.1.i686.rpm\nbind-lite-devel-9.9.4-18.el7_1.1.x86_64.rpm\nbind-sdb-9.9.4-18.el7_1.1.x86_64.rpm\nbind-sdb-chroot-9.9.4-18.el7_1.1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2015-1349\nhttps://access.redhat.com/security/updates/classification/#moderate\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2015 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFU/7nhXlSAg2UNWIIRArKUAJ9WX/XGIY2BbVU1+km5wJAaBaPytQCdGBnW\n7ZfcyFEskWi6YX7JcLMs9Fg=\n=dWCz\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nRelease Date: 2015-07-17\nLast Updated: 2015-07-17\n\nPotential Security Impact: Remote Denial of Service (DoS)\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nA potential security vulnerability has been identified with HP-UX running\nBIND. This vulnerability could be exploited remotely to create a Denial of\nService (DoS). \n\nReferences:\n\nCVE-2015-1349\nCVE-2015-4620\nSSRT101976\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.31 running BIND 9.7.3 prior to C.9.7.3.7.0\n\nHP-UX B.11.31 running BIND 9.9.4 prior to C.9.9.4.3.0\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2015-1349 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4\nCVE-2015-4620 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided updated versions of the BIND service to resolve this\nvulnerability. \n\nBIND 9.7.3 for HP-UX Release\n Depot Name\n Download location\n\nB.11.31 (PA and IA)\n HP_UX_11.31_HPUX-NameServer_C.9.7.3.7.0_HP-UX_B.11.31_IA_PA.depot\n https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumbe\nr=BIND\n\nBIND 9.9.4 for HP-UX Release\n Depot Name\n Download location\n\nB.11.31 (PA and IA)\n HP_UX_11.31_HPUX-NameServer_C.9.9.4.3.0_HP-UX_B.11.31_IA_PA.depot\n https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumbe\nr=BIND\n\nMANUAL ACTIONS: Yes - Update\nDownload and install the software update\n\nPRODUCT SPECIFIC INFORMATION\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application\nthat replaces HP-UX Security Patch Check. It analyzes all Security Bulletins\nissued by HP and lists recommended actions that may apply to a specific HP-UX\nsystem. It can also download patches and create a depot automatically. For\nmore information see: https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS\n\nFor BIND 9.7.3\nHP-UX B.11.31\n==================\nNameService.BIND-AUX\nNameService.BIND-RUN\naction: install revision C.9.7.3.7.0 or subsequent\n\nFor BIND 9.9.4\nHP-UX B.11.31\n==================\nNameService.BIND-AUX\nNameService.BIND-RUN\naction: install revision C.9.9.4.3.0 or subsequent\n\nEND AFFECTED VERSIONS\n\nHISTORY\nVersion:1 (rev.1) - 17 July 2015 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2015 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. This can\n lead to resource exhaustion and denial of service (up to and including\n termination of the named server process) (CVE-2014-8500). \n \n Jan-Piet Mens discovered that the BIND DNS server would crash when\n processing an invalid DNSSEC key rollover, either due to an error\n on the zone operator\u0026#039;s part, or due to interference with network\n traffic by an attacker. This issue affects configurations with the\n directives \u0026quot;dnssec-lookaside auto;\u0026quot; (as enabled in the Mandriva\n default configuration) or \u0026quot;dnssec-validation auto;\u0026quot; (CVE-2015-1349). \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8500\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1349\n http://advisories.mageia.org/MGASA-2014-0524.html\n http://advisories.mageia.org/MGASA-2015-0082.html\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Business Server 2/X86_64:\n a2cf83873b09b47275d0030063a236c8 mbs2/x86_64/bind-9.10.1.P2-7.mbs2.x86_64.rpm\n 83d97de0884ef84b933cb06bfbbce24a mbs2/x86_64/bind-devel-9.10.1.P2-7.mbs2.x86_64.rpm\n 633a8a160c3be4dda5f134550288df8f mbs2/x86_64/bind-doc-9.10.1.P2-7.mbs2.noarch.rpm\n 40760cee0f0c97261b80d159ab60cb32 mbs2/x86_64/bind-sdb-9.10.1.P2-7.mbs2.x86_64.rpm\n ec17a87a3d0e50c4a1c33c84adc0c08b mbs2/x86_64/bind-utils-9.10.1.P2-7.mbs2.x86_64.rpm \n 95f44b351208cfcbf15108dc707b0f21 mbs2/SRPMS/bind-9.10.1.P2-7.mbs2.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/en/support/security/advisories/\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.12 (GNU/Linux)\n\niD8DBQFVGDuOmqjQ0CJFipgRAqQsAJ9YWfOhd3JZjB1DstzQh7xCT2fJWQCfYwBx\nFGoDrVNSJeks4jEO5ZrIaN8=\n=0F9B\n-----END PGP SIGNATURE-----\n. \n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 1:9.8.4.dfsg.P1-6+nmu2+deb7u4. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n=============================================================================\nFreeBSD-SA-15:05.bind Security Advisory\n The FreeBSD Project\n\nTopic: BIND remote denial of service vulnerability\n\nCategory: contrib\nModule: bind\nAnnounced: 2015-02-25\nCredits: ISC\nAffects: FreeBSD 8.x and FreeBSD 9.x. \nCorrected: 2015-02-18 22:20:19 UTC (stable/9, 9.3-STABLE)\n 2015-02-25 05:56:54 UTC (releng/9.3, 9.3-RELEASE-p10)\n 2015-02-18 22:29:52 UTC (stable/8, 8.4-STABLE)\n 2015-02-25 05:56:54 UTC (releng/8.4, 8.4-RELEASE-p24)\nCVE Name: CVE-2015-1349\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:https://security.FreeBSD.org/\u003e. \n\nII. Problem Description\n\nBIND servers which are configured to perform DNSSEC validation and which\nare using managed keys (which occurs implicitly when using\n\"dnssec-validation auto;\" or \"dnssec-lookaside auto;\") may exhibit\nunpredictable behavior due to the use of an improperly initialized\nvariable. \n\nIII. \n\nIV. Workaround\n\nOnly systems that runs BIND, including recursive resolvers and authoritative\nservers that performs DNSSEC validation and using managed-keys are affected. \n\nThis issue can be worked around by not using \"auto\" for the dnssec-validation\nor dnssec-lookaside options and do not configure a managed-keys statement. \nNote that in order to do DNSSEC validation with this workaround one would\nhave to configure an explicit trusted-keys statement with the appropriate\nkeys. \n\nV. Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\n2) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\n3) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n# fetch https://security.FreeBSD.org/patches/SA-15:05/bind.patch\n# fetch https://security.FreeBSD.org/patches/SA-15:05/bind.patch.asc\n# gpg --verify bind.patch.asc\n\nb) Apply the patch. Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:https://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart the applicable daemons, or reboot the system. \n\nVI. Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path Revision\n- -------------------------------------------------------------------------\nstable/8/ r278973\nreleng/8.4/ r279265\nstable/9/ r278972\nreleng/9.3/ r279265\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:https://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. ============================================================================\nUbuntu Security Notice USN-2503-1\nFebruary 18, 2015\n\nbind9 vulnerability\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 14.10\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n\nSummary:\n\nBind could be made to crash if it received specially crafted network\ntraffic. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.10:\n bind9 1:9.9.5.dfsg-4.3ubuntu0.2\n\nUbuntu 14.04 LTS:\n bind9 1:9.9.5.dfsg-3ubuntu0.2\n\nUbuntu 12.04 LTS:\n bind9 1:9.8.1.dfsg.P1-4ubuntu0.10\n\nIn general, a standard system update will make all the necessary changes. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201510-01\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: BIND: Denial of Service\n Date: October 18, 2015\n Bugs: #540640, #553584, #556150, #559462\n ID: 201510-01\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nA vulnerability in BIND could lead to a Denial of Service condition. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-dns/bind \u003c 9.10.2_p4 \u003e= 9.10.2_p4 \n\nDescription\n===========\n\nA vulnerability has been discovered in BIND\u0027s named utility leading to\na Denial of Service condition. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll BIND users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-dns/bind-9.10.2_p4\"\n\nReferences\n==========\n\n[ 1 ] CVE-2015-1349\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1349\n[ 2 ] CVE-2015-4620\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4620\n[ 3 ] CVE-2015-5477\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5477\n[ 4 ] CVE-2015-5722\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5722\n[ 5 ] CVE-2015-5986\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5986\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201510-01\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2015 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-1349"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001534"
},
{
"db": "BID",
"id": "72673"
},
{
"db": "PACKETSTORM",
"id": "130646"
},
{
"db": "PACKETSTORM",
"id": "130758"
},
{
"db": "PACKETSTORM",
"id": "132752"
},
{
"db": "PACKETSTORM",
"id": "131222"
},
{
"db": "PACKETSTORM",
"id": "130451"
},
{
"db": "PACKETSTORM",
"id": "130558"
},
{
"db": "PACKETSTORM",
"id": "130446"
},
{
"db": "PACKETSTORM",
"id": "134008"
}
],
"trust": 2.61
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2015-1349",
"trust": 3.5
},
{
"db": "ISC",
"id": "AA-01235",
"trust": 2.0
},
{
"db": "JUNIPER",
"id": "JSA10783",
"trust": 1.3
},
{
"db": "MCAFEE",
"id": "SB10116",
"trust": 1.0
},
{
"db": "JVN",
"id": "JVNVU99970459",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU93982119",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001534",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201502-414",
"trust": 0.6
},
{
"db": "BID",
"id": "72673",
"trust": 0.3
},
{
"db": "PACKETSTORM",
"id": "130646",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130758",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132752",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131222",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130451",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130558",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130446",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "134008",
"trust": 0.1
}
],
"sources": [
{
"db": "BID",
"id": "72673"
},
{
"db": "PACKETSTORM",
"id": "130646"
},
{
"db": "PACKETSTORM",
"id": "130758"
},
{
"db": "PACKETSTORM",
"id": "132752"
},
{
"db": "PACKETSTORM",
"id": "131222"
},
{
"db": "PACKETSTORM",
"id": "130451"
},
{
"db": "PACKETSTORM",
"id": "130558"
},
{
"db": "PACKETSTORM",
"id": "130446"
},
{
"db": "PACKETSTORM",
"id": "134008"
},
{
"db": "CNNVD",
"id": "CNNVD-201502-414"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001534"
},
{
"db": "NVD",
"id": "CVE-2015-1349"
}
]
},
"id": "VAR-201502-0366",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.59105265
},
"last_update_date": "2026-04-10T23:30:42.934000Z",
"patch": {
"_id": null,
"data": [
{
"title": "APPLE-SA-2015-09-16-4 OS X Server 5.0.3",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html"
},
{
"title": "HT205219",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT205219"
},
{
"title": "HT205219",
"trust": 0.8,
"url": "http://support.apple.com/ja-jp/HT205219"
},
{
"title": "HPSBUX03379",
"trust": 0.8,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143740940810833\u0026amp;w=2"
},
{
"title": "CVE-2015-1349: A Problem with Trust Anchor Management Can Cause named to Crash",
"trust": 0.8,
"url": "https://kb.isc.org/article/AA-01235/"
},
{
"title": "SB10116",
"trust": 0.8,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10116"
},
{
"title": "Bug 1193820",
"trust": 0.8,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1193820"
},
{
"title": "RHSA-2015:0672",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2015-0672.html"
},
{
"title": "BIND9.9.7.x86",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54140"
},
{
"title": "bind-9.10.2",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54143"
},
{
"title": "BIND9.10.2.x86",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54142"
},
{
"title": "bind-9.9.7",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54141"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201502-414"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001534"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-399",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-001534"
},
{
"db": "NVD",
"id": "CVE-2015-1349"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.0,
"url": "http://advisories.mageia.org/mgasa-2015-0082.html"
},
{
"trust": 1.9,
"url": "https://kb.isc.org/article/aa-01235"
},
{
"trust": 1.7,
"url": "http://www.ubuntu.com/usn/usn-2503-1"
},
{
"trust": 1.4,
"url": "http://rhn.redhat.com/errata/rhsa-2015-0672.html"
},
{
"trust": 1.1,
"url": "https://security.gentoo.org/glsa/201510-01"
},
{
"trust": 1.0,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1349"
},
{
"trust": 1.0,
"url": "https://kb.juniper.net/jsa10783"
},
{
"trust": 1.0,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-march/150905.html"
},
{
"trust": 1.0,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1193820"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00013.html"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:054"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-updates/2015-07/msg00038.html"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:165"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2015/sep/msg00004.html"
},
{
"trust": 1.0,
"url": "https://support.apple.com/ht205219"
},
{
"trust": 1.0,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10116"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00050.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=143740940810833\u0026w=2"
},
{
"trust": 1.0,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-march/150904.html"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1349"
},
{
"trust": 0.8,
"url": "http://jprs.jp/tech/security/2015-02-19-bind9-vuln-managed-trust-anchors.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu93982119/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu99970459/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-1349"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/feb/145"
},
{
"trust": 0.3,
"url": "http://www.isc.org/products/bind/"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/jul/96"
},
{
"trust": 0.3,
"url": "https://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10783\u0026cat=sirt_1\u0026actp=list"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/101009291"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020682"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022295"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/apr/158"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/en/support/security/"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/en/support/security/advisories/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4620"
},
{
"trust": 0.2,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-1349"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.1,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.1,
"url": "https://h20392.www2.hp.com/portal/swdepot/displayproductinfo.do?productnumbe"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "http://advisories.mageia.org/mgasa-2014-0524.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8500"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8500"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://www.freebsd.org/handbook/makeworld.html\u003e."
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/\u003e."
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/advisories/freebsd-sa-15:05.bind.asc\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:05/bind.patch.asc"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1349\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:05/bind.patch"
},
{
"trust": 0.1,
"url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
},
{
"trust": 0.1,
"url": "https://kb.isc.org/article/aa-01235\u003e"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/bind9/1:9.8.1.dfsg.p1-4ubuntu0.10"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/bind9/1:9.9.5.dfsg-3ubuntu0.2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/bind9/1:9.9.5.dfsg-4.3ubuntu0.2"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4620"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5986"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5477"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5722"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5722"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5477"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5986"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1349"
}
],
"sources": [
{
"db": "BID",
"id": "72673"
},
{
"db": "PACKETSTORM",
"id": "130646"
},
{
"db": "PACKETSTORM",
"id": "130758"
},
{
"db": "PACKETSTORM",
"id": "132752"
},
{
"db": "PACKETSTORM",
"id": "131222"
},
{
"db": "PACKETSTORM",
"id": "130451"
},
{
"db": "PACKETSTORM",
"id": "130558"
},
{
"db": "PACKETSTORM",
"id": "130446"
},
{
"db": "PACKETSTORM",
"id": "134008"
},
{
"db": "CNNVD",
"id": "CNNVD-201502-414"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001534"
},
{
"db": "NVD",
"id": "CVE-2015-1349"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "BID",
"id": "72673",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "130646",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "130758",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132752",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "131222",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "130451",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "130558",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "130446",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "134008",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201502-414",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001534",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2015-1349",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2015-02-18T00:00:00",
"db": "BID",
"id": "72673",
"ident": null
},
{
"date": "2015-03-04T18:22:22",
"db": "PACKETSTORM",
"id": "130646",
"ident": null
},
{
"date": "2015-03-11T16:04:19",
"db": "PACKETSTORM",
"id": "130758",
"ident": null
},
{
"date": "2015-07-20T19:49:16",
"db": "PACKETSTORM",
"id": "132752",
"ident": null
},
{
"date": "2015-03-31T16:02:39",
"db": "PACKETSTORM",
"id": "131222",
"ident": null
},
{
"date": "2015-02-19T16:34:38",
"db": "PACKETSTORM",
"id": "130451",
"ident": null
},
{
"date": "2015-02-26T17:25:28",
"db": "PACKETSTORM",
"id": "130558",
"ident": null
},
{
"date": "2015-02-18T22:42:55",
"db": "PACKETSTORM",
"id": "130446",
"ident": null
},
{
"date": "2015-10-18T21:06:41",
"db": "PACKETSTORM",
"id": "134008",
"ident": null
},
{
"date": "2015-02-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201502-414",
"ident": null
},
{
"date": "2015-02-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-001534",
"ident": null
},
{
"date": "2015-02-19T03:01:22.287000",
"db": "NVD",
"id": "CVE-2015-1349",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2017-04-18T01:05:00",
"db": "BID",
"id": "72673",
"ident": null
},
{
"date": "2015-02-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201502-414",
"ident": null
},
{
"date": "2015-10-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-001534",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-1349",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "130758"
},
{
"db": "PACKETSTORM",
"id": "130558"
},
{
"db": "PACKETSTORM",
"id": "130446"
},
{
"db": "CNNVD",
"id": "CNNVD-201502-414"
}
],
"trust": 0.9
},
"title": {
"_id": null,
"data": "ISC BIND 9 Service operation interruption (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-001534"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201502-414"
}
],
"trust": 0.6
}
}
VAR-201501-0339
Vulnerability from variot - Updated: 2026-04-10 23:30The ssl3_get_cert_verify function in s3_srvr.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k accepts client authentication with a Diffie-Hellman (DH) certificate without requiring a CertificateVerify message, which allows remote attackers to obtain access without knowledge of a private key via crafted TLS Handshake Protocol traffic to a server that recognizes a Certification Authority with DH support. OpenSSL is prone to security-bypass vulnerability. Successfully exploiting these issues may allow attackers to perform unauthorized actions by conducting a man-in-the-middle attack. This may lead to other attacks. Corrected: 2015-01-09 00:58:20 UTC (stable/10, 10.1-STABLE) 2015-01-14 21:27:46 UTC (releng/10.1, 10.1-RELEASE-p4) 2015-01-14 21:27:46 UTC (releng/10.0, 10.0-RELEASE-p16) 2015-01-09 01:11:43 UTC (stable/9, 9.3-STABLE) 2015-01-14 21:27:46 UTC (releng/9.3, 9.3-RELEASE-p8) 2015-01-09 01:11:43 UTC (stable/8, 8.4-STABLE) 2015-01-14 21:27:46 UTC (releng/8.4, 8.4-RELEASE-p22) CVE Name: CVE-2014-3571, CVE-2015-0206, CVE-2014-3569, CVE-2014-3572 CVE-2015-0204, CVE-2015-0205, CVE-2014-8275, CVE-2014-3570
For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . Background
FreeBSD includes software from the OpenSSL Project.
II. [CVE-2014-3569] This does not affect FreeBSD's default build. [CVE-2015-0205]
OpenSSL accepts several non-DER-variations of certificate signature algorithm and signature encodings. OpenSSL also does not enforce a match between the signature algorithm between the signed and unsigned portions of the certificate. [CVE-2014-3570]
III. [CVE-2015-0206]
A server can remove forward secrecy from the ciphersuite. [CVE-2014-3572]
A server could present a weak temporary key and downgrade the security of the session. This only affects servers which trust a client certificate authority which issues certificates containing DH keys, which is extremely rare. [CVE-2015-0205]
By modifying the contents of the signature algorithm or the encoding of the signature, it is possible to change the certificate's fingerprint. It also does not affect common revocation mechanisms. Only custom applications that rely on the uniqueness of the fingerprint (e.g. certificate blacklists) may be affected. [CVE-2014-8275]
IV. Workaround
No workaround is available.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:
freebsd-update fetch
freebsd-update install
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
[FreeBSD 8.4 and FreeBSD 9.3]
fetch https://security.FreeBSD.org/patches/SA-15:01/openssl-9.3.patch
fetch https://security.FreeBSD.org/patches/SA-15:01/openssl-9.3.patch.asc
gpg --verify openssl-9.3.patch.asc
[FreeBSD 10.0]
fetch https://security.FreeBSD.org/patches/SA-15:01/openssl-10.0.patch
fetch https://security.FreeBSD.org/patches/SA-15:01/openssl-10.0.patch.asc
gpg --verify openssl-10.0.patch.asc
[FreeBSD 10.1]
fetch https://security.FreeBSD.org/patches/SA-15:01/openssl-10.1.patch
fetch https://security.FreeBSD.org/patches/SA-15:01/openssl-10.1.patch.asc
gpg --verify openssl-10.1.patch.asc
b) Apply the patch. Execute the following commands as root:
cd /usr/src
patch < /path/to/patch
c) Recompile the operating system using buildworld and installworld as described in .
Restart all deamons using the library, or reboot the system.
VI. Correction details
The following list contains the correction revision numbers for each affected branch.
Branch/path Revision
stable/8/ r276865 releng/8.4/ r277195 stable/9/ r276865 releng/9.3/ r277195 stable/10/ r276864 releng/10.0/ r277195 releng/10.1/ r277195
To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:
svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
VII.
The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack (CVE-2014-0076).
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug (CVE-2014-0160).
The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly validate fragment lengths in DTLS ClientHello messages, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a long non-initial fragment (CVE-2014-0195).
The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors that trigger an alert condition (CVE-2014-0198).
The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certificate value (CVE-2014-3470).
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the POODLE issue (CVE-2014-3566).
The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unexpected handshake, as demonstrated by an SSLv3 handshake to a no-ssl3 application with certain error handling. NOTE: this issue became relevant after the CVE-2014-3568 fix (CVE-2014-3569).
The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the square of a BIGNUM value, which might make it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors, related to crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c, and crypto/bn/bn_asm.c (CVE-2014-3570).
The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message (CVE-2014-3572).
OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not enforce certain constraints on certificate data, which allows remote attackers to defeat a fingerprint-based certificate-blacklist protection mechanism by including crafted data within a certificate's unsigned portion, related to crypto/asn1/a_verify.c, crypto/dsa/dsa_asn1.c, crypto/ecdsa/ecs_vrf.c, and crypto/x509/x_all.c (CVE-2014-8275).
The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role, related to the FREAK issue. NOTE: the scope of this CVE is only client code based on OpenSSL, not EXPORT_RSA issues associated with servers or other TLS implementations (CVE-2015-0204).
Use-after-free vulnerability in the d2i_ECPrivateKey function in crypto/ec/ec_asn1.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a malformed Elliptic Curve (EC) private-key file that is improperly handled during import (CVE-2015-0209).
The ASN1_item_ex_d2i function in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not reinitialize CHOICE and ADB data structures, which might allow attackers to cause a denial of service (invalid write operation and memory corruption) by leveraging an application that relies on ASN.1 structure reuse (CVE-2015-0287).
The PKCS#7 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly handle a lack of outer ContentInfo, which allows attackers to cause a denial of service (NULL pointer dereference and application crash) by leveraging an application that processes arbitrary PKCS#7 data and providing malformed data with ASN.1 encoding, related to crypto/pkcs7/pk7_doit.c and crypto/pkcs7/pk7_lib.c (CVE-2015-0289).
The updated packages have been upgraded to the 1.0.1m version where these security flaws has been fixed.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0286 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0287 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0289 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0293 http://openssl.org/news/secadv_20150108.txt http://openssl.org/news/secadv_20150319.txt
Updated Packages:
Mandriva Business Server 2/X86_64: 324a85f7e1165ab02881e44dbddaf599 mbs2/x86_64/lib64openssl1.0.0-1.0.1m-1.mbs2.x86_64.rpm 9c0bfb6ebd43cb6d81872abf71b4f85f mbs2/x86_64/lib64openssl-devel-1.0.1m-1.mbs2.x86_64.rpm 58df54e72ca7270210c7d8dd23df402b mbs2/x86_64/lib64openssl-engines1.0.0-1.0.1m-1.mbs2.x86_64.rpm b5313ffb5baaa65aea05eb05486d309a mbs2/x86_64/lib64openssl-static-devel-1.0.1m-1.mbs2.x86_64.rpm a9890ce4c33630cb9e00f3b2910dd784 mbs2/x86_64/openssl-1.0.1m-1.mbs2.x86_64.rpm 521297a5fe26e2de0c1222d8d03382d1 mbs2/SRPMS/openssl-1.0.1m-1.mbs2.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/en/support/security/advisories/
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux)
iD8DBQFVFTm1mqjQ0CJFipgRAoYFAKCaubn00colzVNnUBFjSElyDptGMQCfaGoS kz0ex6eI6hA6qSwklA2NoXY= =GYjX -----END PGP SIGNATURE----- .
Release Date: 2015-08-24 Last Updated: 2015-08-24
Potential Security Impact: Remote unauthorized modification, unauthorized access, or unauthorized disclosure of information.
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP Matrix Operating Environment. The vulnerabilities could be exploited remotely resulting in unauthorized modification, unauthorized access, or unauthorized disclosure of information.
References:
CVE-2010-5107 CVE-2013-0248 CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 CVE-2014-1692 CVE-2014-3523 CVE-2014-3569 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-8142 CVE-2014-8275 CVE-2014-9427 CVE-2014-9652 CVE-2014-9653 CVE-2014-9705 CVE-2015-0204 CVE-2015-0205 CVE-2015-0206 CVE-2015-0207 CVE-2015-0208 CVE-2015-0209 CVE-2015-0231 CVE-2015-0232 CVE-2015-0273 CVE-2015-0285 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0290 CVE-2015-0291 CVE-2015-0292 CVE-2015-0293 CVE-2015-1787 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-2134 CVE-2015-2139 CVE-2015-2140 CVE-2015-2301 CVE-2015-2331 CVE-2015-2348 CVE-2015-2787 CVE-2015-3113 CVE-2015-5122 CVE-2015-5123 CVE-2015-5402 CVE-2015-5403 CVE-2015-5404 CVE-2015-5405 CVE-2015-5427 CVE-2015-5428 CVE-2015-5429 CVE-2015-5430 CVE-2015-5431 CVE-2015-5432 CVE-2015-5433
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP Matrix Operating Environment impacted software components and versions:
HP Systems Insight Manager (SIM) prior to version 7.5.0 HP System Management Homepage (SMH) prior to version 7.5.0 HP Version Control Agent (VCA) prior to version 7.5.0 HP Version Control Repository Manager (VCRM) prior to version 7.5.0 HP Insight Orchestration prior to version 7.5.0 HP Virtual Connect Enterprise Manager (VCEM) prior to version 7.5.0
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2010-5107 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2013-0248 (AV:L/AC:M/Au:N/C:N/I:P/A:P) 3.3 CVE-2014-0118 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2014-0226 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2014-0231 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2014-1692 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2014-3523 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2014-3569 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2014-3570 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2014-3571 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2014-3572 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2014-8142 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2014-8275 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2014-9427 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2014-9652 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2014-9653 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2014-9705 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2015-0204 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2015-0205 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2015-0206 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0207 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0208 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2015-0209 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2015-0231 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2015-0232 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2015-0273 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2015-0285 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2015-0286 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0287 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0288 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0289 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0290 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0291 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2015-0293 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-1787 (AV:N/AC:H/Au:N/C:N/I:N/A:P) 2.6 CVE-2015-1788 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2015-1789 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2015-1790 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-1791 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2015-1792 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-2134 (AV:N/AC:M/Au:S/C:P/I:P/A:P) 6.0 CVE-2015-2139 (AV:N/AC:M/Au:S/C:P/I:N/A:N) 3.5 CVE-2015-2140 (AV:N/AC:M/Au:S/C:P/I:P/A:N) 4.9 CVE-2015-2301 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2015-2331 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2015-2348 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2015-2787 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2015-3113 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2015-5122 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2015-5123 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2015-5402 (AV:L/AC:M/Au:N/C:C/I:C/A:C) 6.9 CVE-2015-5403 (AV:N/AC:M/Au:S/C:P/I:N/A:N) 3.5 CVE-2015-5404 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2015-5405 (AV:N/AC:M/Au:S/C:P/I:P/A:P) 6.0 CVE-2015-5427 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2015-5428 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2015-5429 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2015-5430 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2015-5431 (AV:N/AC:M/Au:S/C:P/I:P/A:N) 4.9 CVE-2015-5432 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2015-5433 (AV:N/AC:M/Au:S/C:P/I:N/A:N) 3.5 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has made the following software updates available to resolve the vulnerabilities in the impacted versions of HP Matrix Operating Environment
HP Matrix Operating Environment 7.5.0 is only available on DVD. Please order the latest version of the HP Matrix Operating Environment 7.5.0 DVD #2 ISO from the following location:
http://www.hp.com/go/insightupdates
Choose the orange Select button. This presents the HP Insight Management Media order page. Choose Insight Management 7.5 DVD-2-ZIP August 2015 from the Software specification list. Fill out the rest of the form and submit it.
HP has addressed these vulnerabilities for the affected software components bundled with the HP Matrix Operating Environment in the following HP Security Bulletins.
HP Matrix Operating Environment component HP Security Bulletin Number Security Bulletin Location
HP Systems Insight Manager (SIM) HPSBMU03394 HPSBMU03394 https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04762744
HP System Management Homepage (SMH) HPSBMU03380 http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04746490&la ng=en-us&cc=
HP Version Control Agent (VCA) HPSBMU03397 https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04765169
HP Version Control Repository Manager (VCRM) HPSBMU03396 https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr _na-c04765115
HP Virtual Connect Enterprise Manager (VCEM) SDK HPSBMU03413 https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr _na-c04774021
HISTORY Version:1 (rev.1) - 24 August 2015 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Moderate: openssl security update Advisory ID: RHSA-2015:0066-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0066.html Issue date: 2015-01-20 Updated on: 2015-01-21 CVE Names: CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-8275 CVE-2015-0204 CVE-2015-0205 CVE-2015-0206 =====================================================================
- Summary:
Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7.
Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
- Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL), Transport Layer Security (TLS), and Datagram Transport Layer Security (DTLS) protocols, as well as a full-strength, general purpose cryptography library.
A NULL pointer dereference flaw was found in the DTLS implementation of OpenSSL. A remote attacker could send a specially crafted DTLS message, which would cause an OpenSSL server to crash. (CVE-2014-3571)
A memory leak flaw was found in the way the dtls1_buffer_record() function of OpenSSL parsed certain DTLS messages. A remote attacker could send multiple specially crafted DTLS messages to exhaust all available memory of a DTLS server. (CVE-2015-0206)
It was found that OpenSSL's BigNumber Squaring implementation could produce incorrect results under certain special conditions. This flaw could possibly affect certain OpenSSL library functionality, such as RSA blinding. Note that this issue occurred rarely and with a low probability, and there is currently no known way of exploiting it. (CVE-2014-3570)
It was discovered that OpenSSL would perform an ECDH key exchange with a non-ephemeral key even when the ephemeral ECDH cipher suite was selected. A malicious server could make a TLS/SSL client using OpenSSL use a weaker key exchange method than the one requested by the user. (CVE-2014-3572)
It was discovered that OpenSSL would accept ephemeral RSA keys when using non-export RSA cipher suites. A malicious server could make a TLS/SSL client using OpenSSL use a weaker key exchange method. (CVE-2015-0204)
Multiple flaws were found in the way OpenSSL parsed X.509 certificates. An attacker could use these flaws to modify an X.509 certificate to produce a certificate with a different fingerprint without invalidating its signature, and possibly bypass fingerprint-based blacklisting in applications. (CVE-2014-8275)
It was found that an OpenSSL server would, under certain conditions, accept Diffie-Hellman client certificates without the use of a private key. An attacker could use a user's client certificate to authenticate as that user, without needing the private key. (CVE-2015-0205)
All OpenSSL users are advised to upgrade to these updated packages, which contain a backported patch to mitigate the above issues. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1180184 - CVE-2015-0204 openssl: Only allow ephemeral RSA keys in export ciphersuites 1180185 - CVE-2014-3572 openssl: ECDH downgrade bug fix 1180187 - CVE-2014-8275 openssl: Fix various certificate fingerprint issues 1180234 - CVE-2014-3571 openssl: DTLS segmentation fault in dtls1_get_record 1180235 - CVE-2015-0206 openssl: DTLS memory leak in dtls1_buffer_record 1180239 - CVE-2015-0205 openssl: DH client certificates accepted without verification 1180240 - CVE-2014-3570 openssl: Bignum squaring may produce incorrect results
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: openssl-1.0.1e-30.el6_6.5.src.rpm
i386: openssl-1.0.1e-30.el6_6.5.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm
x86_64: openssl-1.0.1e-30.el6_6.5.i686.rpm openssl-1.0.1e-30.el6_6.5.x86_64.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm openssl-devel-1.0.1e-30.el6_6.5.i686.rpm openssl-perl-1.0.1e-30.el6_6.5.i686.rpm openssl-static-1.0.1e-30.el6_6.5.i686.rpm
x86_64: openssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.x86_64.rpm openssl-devel-1.0.1e-30.el6_6.5.i686.rpm openssl-devel-1.0.1e-30.el6_6.5.x86_64.rpm openssl-perl-1.0.1e-30.el6_6.5.x86_64.rpm openssl-static-1.0.1e-30.el6_6.5.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: openssl-1.0.1e-30.el6_6.5.src.rpm
x86_64: openssl-1.0.1e-30.el6_6.5.i686.rpm openssl-1.0.1e-30.el6_6.5.x86_64.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
x86_64: openssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.x86_64.rpm openssl-devel-1.0.1e-30.el6_6.5.i686.rpm openssl-devel-1.0.1e-30.el6_6.5.x86_64.rpm openssl-perl-1.0.1e-30.el6_6.5.x86_64.rpm openssl-static-1.0.1e-30.el6_6.5.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: openssl-1.0.1e-30.el6_6.5.src.rpm
i386: openssl-1.0.1e-30.el6_6.5.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm openssl-devel-1.0.1e-30.el6_6.5.i686.rpm
ppc64: openssl-1.0.1e-30.el6_6.5.ppc.rpm openssl-1.0.1e-30.el6_6.5.ppc64.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.ppc.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.ppc64.rpm openssl-devel-1.0.1e-30.el6_6.5.ppc.rpm openssl-devel-1.0.1e-30.el6_6.5.ppc64.rpm
s390x: openssl-1.0.1e-30.el6_6.5.s390.rpm openssl-1.0.1e-30.el6_6.5.s390x.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.s390.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.s390x.rpm openssl-devel-1.0.1e-30.el6_6.5.s390.rpm openssl-devel-1.0.1e-30.el6_6.5.s390x.rpm
x86_64: openssl-1.0.1e-30.el6_6.5.i686.rpm openssl-1.0.1e-30.el6_6.5.x86_64.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.x86_64.rpm openssl-devel-1.0.1e-30.el6_6.5.i686.rpm openssl-devel-1.0.1e-30.el6_6.5.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm openssl-perl-1.0.1e-30.el6_6.5.i686.rpm openssl-static-1.0.1e-30.el6_6.5.i686.rpm
ppc64: openssl-debuginfo-1.0.1e-30.el6_6.5.ppc64.rpm openssl-perl-1.0.1e-30.el6_6.5.ppc64.rpm openssl-static-1.0.1e-30.el6_6.5.ppc64.rpm
s390x: openssl-debuginfo-1.0.1e-30.el6_6.5.s390x.rpm openssl-perl-1.0.1e-30.el6_6.5.s390x.rpm openssl-static-1.0.1e-30.el6_6.5.s390x.rpm
x86_64: openssl-debuginfo-1.0.1e-30.el6_6.5.x86_64.rpm openssl-perl-1.0.1e-30.el6_6.5.x86_64.rpm openssl-static-1.0.1e-30.el6_6.5.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: openssl-1.0.1e-30.el6_6.5.src.rpm
i386: openssl-1.0.1e-30.el6_6.5.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm openssl-devel-1.0.1e-30.el6_6.5.i686.rpm
x86_64: openssl-1.0.1e-30.el6_6.5.i686.rpm openssl-1.0.1e-30.el6_6.5.x86_64.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.5.x86_64.rpm openssl-devel-1.0.1e-30.el6_6.5.i686.rpm openssl-devel-1.0.1e-30.el6_6.5.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm openssl-perl-1.0.1e-30.el6_6.5.i686.rpm openssl-static-1.0.1e-30.el6_6.5.i686.rpm
x86_64: openssl-debuginfo-1.0.1e-30.el6_6.5.x86_64.rpm openssl-perl-1.0.1e-30.el6_6.5.x86_64.rpm openssl-static-1.0.1e-30.el6_6.5.x86_64.rpm
Red Hat Enterprise Linux Client (v. 7):
Source: openssl-1.0.1e-34.el7_0.7.src.rpm
x86_64: openssl-1.0.1e-34.el7_0.7.x86_64.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.x86_64.rpm openssl-libs-1.0.1e-34.el7_0.7.i686.rpm openssl-libs-1.0.1e-34.el7_0.7.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-34.el7_0.7.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.x86_64.rpm openssl-devel-1.0.1e-34.el7_0.7.i686.rpm openssl-devel-1.0.1e-34.el7_0.7.x86_64.rpm openssl-perl-1.0.1e-34.el7_0.7.x86_64.rpm openssl-static-1.0.1e-34.el7_0.7.i686.rpm openssl-static-1.0.1e-34.el7_0.7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: openssl-1.0.1e-34.el7_0.7.src.rpm
x86_64: openssl-1.0.1e-34.el7_0.7.x86_64.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.x86_64.rpm openssl-libs-1.0.1e-34.el7_0.7.i686.rpm openssl-libs-1.0.1e-34.el7_0.7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-34.el7_0.7.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.x86_64.rpm openssl-devel-1.0.1e-34.el7_0.7.i686.rpm openssl-devel-1.0.1e-34.el7_0.7.x86_64.rpm openssl-perl-1.0.1e-34.el7_0.7.x86_64.rpm openssl-static-1.0.1e-34.el7_0.7.i686.rpm openssl-static-1.0.1e-34.el7_0.7.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: openssl-1.0.1e-34.el7_0.7.src.rpm
ppc64: openssl-1.0.1e-34.el7_0.7.ppc64.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.ppc.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.ppc64.rpm openssl-devel-1.0.1e-34.el7_0.7.ppc.rpm openssl-devel-1.0.1e-34.el7_0.7.ppc64.rpm openssl-libs-1.0.1e-34.el7_0.7.ppc.rpm openssl-libs-1.0.1e-34.el7_0.7.ppc64.rpm
s390x: openssl-1.0.1e-34.el7_0.7.s390x.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.s390.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.s390x.rpm openssl-devel-1.0.1e-34.el7_0.7.s390.rpm openssl-devel-1.0.1e-34.el7_0.7.s390x.rpm openssl-libs-1.0.1e-34.el7_0.7.s390.rpm openssl-libs-1.0.1e-34.el7_0.7.s390x.rpm
x86_64: openssl-1.0.1e-34.el7_0.7.x86_64.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.x86_64.rpm openssl-devel-1.0.1e-34.el7_0.7.i686.rpm openssl-devel-1.0.1e-34.el7_0.7.x86_64.rpm openssl-libs-1.0.1e-34.el7_0.7.i686.rpm openssl-libs-1.0.1e-34.el7_0.7.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: openssl-debuginfo-1.0.1e-34.el7_0.7.ppc.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.ppc64.rpm openssl-perl-1.0.1e-34.el7_0.7.ppc64.rpm openssl-static-1.0.1e-34.el7_0.7.ppc.rpm openssl-static-1.0.1e-34.el7_0.7.ppc64.rpm
s390x: openssl-debuginfo-1.0.1e-34.el7_0.7.s390.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.s390x.rpm openssl-perl-1.0.1e-34.el7_0.7.s390x.rpm openssl-static-1.0.1e-34.el7_0.7.s390.rpm openssl-static-1.0.1e-34.el7_0.7.s390x.rpm
x86_64: openssl-debuginfo-1.0.1e-34.el7_0.7.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.x86_64.rpm openssl-perl-1.0.1e-34.el7_0.7.x86_64.rpm openssl-static-1.0.1e-34.el7_0.7.i686.rpm openssl-static-1.0.1e-34.el7_0.7.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: openssl-1.0.1e-34.el7_0.7.src.rpm
x86_64: openssl-1.0.1e-34.el7_0.7.x86_64.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.x86_64.rpm openssl-devel-1.0.1e-34.el7_0.7.i686.rpm openssl-devel-1.0.1e-34.el7_0.7.x86_64.rpm openssl-libs-1.0.1e-34.el7_0.7.i686.rpm openssl-libs-1.0.1e-34.el7_0.7.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-34.el7_0.7.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.7.x86_64.rpm openssl-perl-1.0.1e-34.el7_0.7.x86_64.rpm openssl-static-1.0.1e-34.el7_0.7.i686.rpm openssl-static-1.0.1e-34.el7_0.7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2014-3570 https://access.redhat.com/security/cve/CVE-2014-3571 https://access.redhat.com/security/cve/CVE-2014-3572 https://access.redhat.com/security/cve/CVE-2014-8275 https://access.redhat.com/security/cve/CVE-2015-0204 https://access.redhat.com/security/cve/CVE-2015-0205 https://access.redhat.com/security/cve/CVE-2015-0206 https://access.redhat.com/security/updates/classification/#moderate https://www.openssl.org/news/secadv_20150108.txt
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFUwCWMXlSAg2UNWIIRAioBAJ4/RjG4OGXzCwg+PJJWNqyvahe3rQCeNE+X ENFobdxQdJ+gVAiRe8Qf54A= =wyAg -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "powerlinux 7r2",
"scope": "eq",
"trust": 1.2,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "communications core session manager",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "7.3.5"
},
{
"_id": null,
"model": "communications core session manager",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "7.2.5"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0e"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0d"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0a"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1f"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0k"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1d"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1c"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1h"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0j"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1j"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0l"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1e"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0m"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0g"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1g"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0c"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0o"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0b"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0f"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0n"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1a"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0i"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1i"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0h"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1b"
},
{
"_id": null,
"model": "power",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "7200"
},
{
"_id": null,
"model": "power",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "7700"
},
{
"_id": null,
"model": "power",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "7800"
},
{
"_id": null,
"model": "power",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "7100"
},
{
"_id": null,
"model": "hpe systems insight manager",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"_id": null,
"model": "hp thinpro linux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "(x86)"
},
{
"_id": null,
"model": "virtualization",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle secure global desktop 4.63"
},
{
"_id": null,
"model": "fusion middleware",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle mobile security suite mss 3.0"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "11.2"
},
{
"_id": null,
"model": "virtualization",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle secure global desktop 4.71"
},
{
"_id": null,
"model": "hp virtual connect enterprise manager sdk",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"_id": null,
"model": "hpe server migration pack",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.0p"
},
{
"_id": null,
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.0"
},
{
"_id": null,
"model": "hpe insight control",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "none"
},
{
"_id": null,
"model": "mysql",
"scope": "lte",
"trust": 0.8,
"vendor": "oracle",
"version": "5.6.22 and earlier"
},
{
"_id": null,
"model": "hpe version control repository manager",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"_id": null,
"model": "hp version control agent",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"_id": null,
"model": "hpe matrix operating environment",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"_id": null,
"model": "hp thinpro linux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "(arm)"
},
{
"_id": null,
"model": "system management homepage",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.1k"
},
{
"_id": null,
"model": "hpe insight control",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "server provisioning"
},
{
"_id": null,
"model": "virtualization",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle secure global desktop 5.1"
},
{
"_id": null,
"model": "power",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7400"
},
{
"_id": null,
"model": "power express",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "5200"
},
{
"_id": null,
"model": "paging server",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "power",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "5700"
},
{
"_id": null,
"model": "power",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7300"
},
{
"_id": null,
"model": "powerlinux 7r1",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.1"
},
{
"_id": null,
"model": "cognos controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.2.0.5"
},
{
"_id": null,
"model": "mate collector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "ata series analog terminal adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1900"
},
{
"_id": null,
"model": "power",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7600"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.1"
},
{
"_id": null,
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"_id": null,
"model": "bladecenter advanced management module 25r5778",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"_id": null,
"model": "power system s822",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.10.186"
},
{
"_id": null,
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"_id": null,
"model": "bladecenter -s",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1948"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "783.00"
},
{
"_id": null,
"model": "power express f/c",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5205635"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.6"
},
{
"_id": null,
"model": "upward integration modules scvmm add-in",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.2"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "740.80"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "flex system p270 compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7954-24x)0"
},
{
"_id": null,
"model": "flex system compute node type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x22025850"
},
{
"_id": null,
"model": "as infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "6"
},
{
"_id": null,
"model": "power systems e870",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "sbr carrier",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.4"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "350.50"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.1.3"
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6"
},
{
"_id": null,
"model": "project openssl 1.0.0d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"_id": null,
"model": "project openssl 1.0.1e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "idataplex dx360 m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79120"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "insight orchestration",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8.780"
},
{
"_id": null,
"model": "insight control",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32400"
},
{
"_id": null,
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.2.2"
},
{
"_id": null,
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "85100"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "(x86)4.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"_id": null,
"model": "ip interoperability and collaboration system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project openssl 1.0.0p",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3400"
},
{
"_id": null,
"model": "systems insight manager 7.3.0a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "flex system p260 compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7895-23x)0"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.0"
},
{
"_id": null,
"model": "project openssl 1.0.0g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"_id": null,
"model": "junos os 13.3r6",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.4.19"
},
{
"_id": null,
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70104.1"
},
{
"_id": null,
"model": "insight control server provisioning",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"_id": null,
"model": "prime security manager 04.8 qa08",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "740.70"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "810.21"
},
{
"_id": null,
"model": "ns oncommand core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "sametime",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"_id": null,
"model": "netscaler t1",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.0-68"
},
{
"_id": null,
"model": "prime license manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "power systems 350.c0",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1.0.842"
},
{
"_id": null,
"model": "workflow for bluemix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "power",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5750"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "flex system manager node types",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79550"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.0.870"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.2-77"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.0"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "telepresence te software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"_id": null,
"model": "linux enterprise software development kit sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.9.1.11"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x350073830"
},
{
"_id": null,
"model": "as infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "7"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1"
},
{
"_id": null,
"model": "prime network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.2.2.2"
},
{
"_id": null,
"model": "network configuration and change management service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "systems insight manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"_id": null,
"model": "prime collaboration assurance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0.840"
},
{
"_id": null,
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "systems insight manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"_id": null,
"model": "telepresence content server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37001.1"
},
{
"_id": null,
"model": "tandberg codian mse model",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83200"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "local collector appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.8"
},
{
"_id": null,
"model": "power system s814",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.2.77"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x310025820"
},
{
"_id": null,
"model": "as infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "1"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "780.21"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.4"
},
{
"_id": null,
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.4"
},
{
"_id": null,
"model": "data ontap operating in 7-mode",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.3"
},
{
"_id": null,
"model": "flex system fc3171 8gb san switch and san pass-thru",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2.00"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.1.0"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "740.40"
},
{
"_id": null,
"model": "project openssl 1.0.0m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "power systems 350.b1",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.1.8"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2.27"
},
{
"_id": null,
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1"
},
{
"_id": null,
"model": "flex system compute node type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x24087380"
},
{
"_id": null,
"model": "project openssl 1.0.1g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "power systems 350.e0",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "prime lan management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.2"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "770.21"
},
{
"_id": null,
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "command center appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.96"
},
{
"_id": null,
"model": "flashsystem 9848-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"_id": null,
"model": "project openssl 1.0.1k",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.4"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50001.1"
},
{
"_id": null,
"model": "bladecenter -t",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8720"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1.2"
},
{
"_id": null,
"model": "media services interface",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "power systems 350.e1",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "ctpview",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6.156"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.0"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "810.00"
},
{
"_id": null,
"model": "netscaler gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "project openssl 1.0.1i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.12"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.2"
},
{
"_id": null,
"model": "unified attendant console advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.2.0.8"
},
{
"_id": null,
"model": "proactive network operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "(x86)4.3"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.10"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"_id": null,
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6"
},
{
"_id": null,
"model": "ns oncommand core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.10"
},
{
"_id": null,
"model": "system management homepage c",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.10.186"
},
{
"_id": null,
"model": "jabber for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "enterprise content delivery service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.5"
},
{
"_id": null,
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.4(7.26)"
},
{
"_id": null,
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.8.0.10"
},
{
"_id": null,
"model": "bladecenter -s",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8886"
},
{
"_id": null,
"model": "unified sip proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.4.19"
},
{
"_id": null,
"model": "telepresence advanced media gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "data ontap operating in 7-mode",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.4"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"_id": null,
"model": "unified attendant console premium edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32100"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.4"
},
{
"_id": null,
"model": "initiate master data service provider hub",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.3"
},
{
"_id": null,
"model": "firesight system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4.1.2"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "power systems 350.a0",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.14"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2"
},
{
"_id": null,
"model": "virtual connect enterprise manager sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "systems insight manager sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.2.0.3"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.3"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.0.820"
},
{
"_id": null,
"model": "sametime",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2.1"
},
{
"_id": null,
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1(5.106)"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.2.0.3"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.3"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.4.1.8"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.1"
},
{
"_id": null,
"model": "systems insight manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.4.1.8"
},
{
"_id": null,
"model": "flex system compute node type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x22079060"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.1"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.11"
},
{
"_id": null,
"model": "upward integration modules hardware management pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.2"
},
{
"_id": null,
"model": "as infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "5"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50006.4"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"_id": null,
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3850x638370"
},
{
"_id": null,
"model": "mq client for hp integrity nonstop server supportpac mqc8",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "-0"
},
{
"_id": null,
"model": "project openssl 1.0.0l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "general parallel file system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.0"
},
{
"_id": null,
"model": "flex system compute node type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x88042590"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"_id": null,
"model": "upward integration modules integrated installer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.2"
},
{
"_id": null,
"model": "netscaler application delivery controller",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.1"
},
{
"_id": null,
"model": "bladecenter -e",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7967"
},
{
"_id": null,
"model": "dx360 m4 water cooled type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79180"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.1"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "initiate master data service patient hub",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.3"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "13.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.68"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "350.00"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "810.02"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1.0.102"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.4"
},
{
"_id": null,
"model": "anyres live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.4"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "770.22"
},
{
"_id": null,
"model": "application policy infrastructure controller 1.0",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.1.830"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "820.03"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"_id": null,
"model": "bladecenter -h",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8852"
},
{
"_id": null,
"model": "unified attendant console business edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "nextscale nx360 m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "54550"
},
{
"_id": null,
"model": "bladecenter -ht",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8750"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.1"
},
{
"_id": null,
"model": "power express f/c",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5205577"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.15-210"
},
{
"_id": null,
"model": "websphere mq for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v6"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.13"
},
{
"_id": null,
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32200"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"_id": null,
"model": "security proventia network enterprise scanner",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.2"
},
{
"_id": null,
"model": "insight control",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.7"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.9.1"
},
{
"_id": null,
"model": "jabber video for telepresence",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.1"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1.0-103"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.12.201"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "740.16"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0.95"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.4"
},
{
"_id": null,
"model": "prime network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.3.3"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7.770"
},
{
"_id": null,
"model": "prime collaboration deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "740.81"
},
{
"_id": null,
"model": "dx series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0-95"
},
{
"_id": null,
"model": "virtualization experience media engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.2.0.8"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.4"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "780.00"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "ace30 application control engine module 3.0 a5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "junos os 12.3r10",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "unified computing system b-series servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"_id": null,
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.11"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0.96"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x365079150"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.1.0.6"
},
{
"_id": null,
"model": "data ontap operating in 7-mode",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.7"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "(x86)4.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2.127"
},
{
"_id": null,
"model": "jabber software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "740.50"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.10.800"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.8"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.2"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.3"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"_id": null,
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"_id": null,
"model": "firesight system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4.0.2"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "cms r17 r4",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.21"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x375087220"
},
{
"_id": null,
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "740.60"
},
{
"_id": null,
"model": "bladecenter -e",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1881"
},
{
"_id": null,
"model": "flex system fc3171 8gb san switch and san pass-thru",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0.00"
},
{
"_id": null,
"model": "powerlinux 7r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"_id": null,
"model": "project openssl 1.0.1f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.1-73"
},
{
"_id": null,
"model": "infosphere master data management patient hub",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.4.1"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8.780"
},
{
"_id": null,
"model": "power systems 350.b0",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "tivoli provisioning manager for images",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.0"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"_id": null,
"model": "upward integration modules scvmm add-in",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2"
},
{
"_id": null,
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.4"
},
{
"_id": null,
"model": "sametime",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.0"
},
{
"_id": null,
"model": "identity service engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.15"
},
{
"_id": null,
"model": "cms r17",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "virtual connect enterprise manager sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.1"
},
{
"_id": null,
"model": "flex system fc3171 8gb san switch and san pass-thru",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.5.03.00"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.0"
},
{
"_id": null,
"model": "wag310g residential gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"_id": null,
"model": "power ese",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.1"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.0-14"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "infosphere master data management",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "11.4"
},
{
"_id": null,
"model": "cognos controller if1",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1.3"
},
{
"_id": null,
"model": "as infinity",
"scope": "ne",
"trust": 0.3,
"vendor": "pexip",
"version": "8.1"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "820.02"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.15"
},
{
"_id": null,
"model": "data ontap operating in 7-mode",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.2"
},
{
"_id": null,
"model": "insight control",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "740.00"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "810.11"
},
{
"_id": null,
"model": "project openssl 1.0.0o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.1.7"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2.0.860"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.2"
},
{
"_id": null,
"model": "linux enterprise server for vmware sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "linux enterprise server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "system management homepage b",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5.146"
},
{
"_id": null,
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6"
},
{
"_id": null,
"model": "application policy infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1(0.625)"
},
{
"_id": null,
"model": "bladecenter -s",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7779"
},
{
"_id": null,
"model": "agent desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0(2)"
},
{
"_id": null,
"model": "flex system compute node type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x88079030"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.3"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.0.870"
},
{
"_id": null,
"model": "flex system p260 compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7895-22x)0"
},
{
"_id": null,
"model": "flex system compute node type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x24087370"
},
{
"_id": null,
"model": "system management homepage b",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.2.77"
},
{
"_id": null,
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.2"
},
{
"_id": null,
"model": "jabber voice for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "onepk all-in-one vm",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.3"
},
{
"_id": null,
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "power express f/c",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "52056340"
},
{
"_id": null,
"model": "ctpos 7.0r4",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "aura conferencing",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"_id": null,
"model": "unified attendant console department edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0.840"
},
{
"_id": null,
"model": "system management homepage a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.11.197"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.1"
},
{
"_id": null,
"model": "prime data center network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.14"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.3"
},
{
"_id": null,
"model": "power system s824l",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.15210"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "network performance analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.64"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.0"
},
{
"_id": null,
"model": "system m4 hd type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x365054600"
},
{
"_id": null,
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "350.80"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "350.30"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "(x86)5.0"
},
{
"_id": null,
"model": "infosphere master data management provider hub",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.8"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.0"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.116"
},
{
"_id": null,
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"_id": null,
"model": "power express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "560"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.1"
},
{
"_id": null,
"model": "version control repository manager 7.4.0a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "power 795",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.740"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.20"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1"
},
{
"_id": null,
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"_id": null,
"model": "virtual connect enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "systems insight manager update",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.31"
},
{
"_id": null,
"model": "ddos secure",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "system management homepage 7.4.0a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.6"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "770.51"
},
{
"_id": null,
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3204.1"
},
{
"_id": null,
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"_id": null,
"model": "flashsystem 9846-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "740.21"
},
{
"_id": null,
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "cms r17 r3",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "flex system compute node type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x22279160"
},
{
"_id": null,
"model": "project openssl 1.0.0i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "power system s822l",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "power express f/c",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5504667"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.1"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "770.10"
},
{
"_id": null,
"model": "power express f/c",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5205587"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"_id": null,
"model": "ringmaster appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "350.60"
},
{
"_id": null,
"model": "systems insight manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.2"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.19"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.2.0.5"
},
{
"_id": null,
"model": "ctpview 7.1r1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.1"
},
{
"_id": null,
"model": "cognos controller interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.0.1"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.13"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "770.41"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"_id": null,
"model": "insight control server provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"_id": null,
"model": "insight control server provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.0"
},
{
"_id": null,
"model": "unified ip conference phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"_id": null,
"model": "project openssl 1.0.0e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "bladecenter js22",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7998-61x)0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "clustered data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.3.0.5"
},
{
"_id": null,
"model": "virtual connect enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"_id": null,
"model": "vgw",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.0.820"
},
{
"_id": null,
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1x8664"
},
{
"_id": null,
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.5"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "780.20"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.10"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "770.32"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.2.835"
},
{
"_id": null,
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"_id": null,
"model": "system m4 bd type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x365054660"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.4.19"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "740.15"
},
{
"_id": null,
"model": "upward integration modules hardware management pack",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.3"
},
{
"_id": null,
"model": "src series",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "telepresence supervisor mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "80500"
},
{
"_id": null,
"model": "iptv",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "upward integration modules integrated installer",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.3"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.12"
},
{
"_id": null,
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.11"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x325025830"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.3"
},
{
"_id": null,
"model": "ns oncommand core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.2"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2.106"
},
{
"_id": null,
"model": "web security appliance 9.0.0 -fcs",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "initiate master data service",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"_id": null,
"model": "systems insight manager sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"_id": null,
"model": "bladecenter js23",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7778-23x)0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.1.830"
},
{
"_id": null,
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.2"
},
{
"_id": null,
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "42000"
},
{
"_id": null,
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "application networking manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "system management homepage 7.3.2.1",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "socialminer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "as infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "3"
},
{
"_id": null,
"model": "project openssl 1.0.0c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.14.20"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5.760"
},
{
"_id": null,
"model": "video surveillance media server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.7"
},
{
"_id": null,
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.2"
},
{
"_id": null,
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "84200"
},
{
"_id": null,
"model": "physical access gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.5"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "insight orchestration",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"_id": null,
"model": "power express f/c",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "52056330"
},
{
"_id": null,
"model": "flex system fc3171 8gb san switch and san pass-thru",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.3.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.4"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.3"
},
{
"_id": null,
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "prime network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.3"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"_id": null,
"model": "bladecenter js43 with feature code",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7778-23x8446)0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "telepresence sx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "740.51"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.4"
},
{
"_id": null,
"model": "system management homepage b",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.10.186"
},
{
"_id": null,
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x330073820"
},
{
"_id": null,
"model": "project openssl 1.0.0f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "meetingplace",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "as infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "2"
},
{
"_id": null,
"model": "power system s824",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "ctp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "power",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7500"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9.790"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.0.2"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1.730"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.12"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x363071580"
},
{
"_id": null,
"model": "power systems e880",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "ctpos 7.1r1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.2.0.5"
},
{
"_id": null,
"model": "mq appliance m2000",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.0j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "35000"
},
{
"_id": null,
"model": "project openssl 1.0.0b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.1"
},
{
"_id": null,
"model": "flex system p460 compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7895-42x)0"
},
{
"_id": null,
"model": "initiate master data service patient hub",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1.0.5"
},
{
"_id": null,
"model": "screenos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "expressway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.5"
},
{
"_id": null,
"model": "bladecenter t advanced management module 32r0835",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.10.801"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.2"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "740.10"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"_id": null,
"model": "flex system manager node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8734-"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.3.0.5"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "740.20"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.11"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.2"
},
{
"_id": null,
"model": "systems insight manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.3"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.2.0.3"
},
{
"_id": null,
"model": "mobile wireless transport manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.2"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.6"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.1"
},
{
"_id": null,
"model": "mate design",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "infosphere master data management",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0"
},
{
"_id": null,
"model": "flex system compute node type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x24078630"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "740.61"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.5"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4.143"
},
{
"_id": null,
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x375087330"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "810.20"
},
{
"_id": null,
"model": "flex system compute node type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x24089560"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "350.90"
},
{
"_id": null,
"model": "powervu d9190 conditional access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "780.02"
},
{
"_id": null,
"model": "bladecenter js12 express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7998-60x)0"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.1"
},
{
"_id": null,
"model": "project openssl 1.0.1j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "bladecenter -t",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8730"
},
{
"_id": null,
"model": "cloudbridge",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.4"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.4.1.8"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.2.0.3"
},
{
"_id": null,
"model": "data ontap operating in 7-mode",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.1"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x353071600"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.1.0.7"
},
{
"_id": null,
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0(4.29)"
},
{
"_id": null,
"model": "flashsystem 9840-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.0"
},
{
"_id": null,
"model": "mate live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "telepresence integrator c series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.3.0.5"
},
{
"_id": null,
"model": "project openssl 1.0.1d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2.0-12"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "770.50"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.9"
},
{
"_id": null,
"model": "bladecenter -h",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7989"
},
{
"_id": null,
"model": "websphere mq client for hp integrity nonstop server supportpac",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "-0"
},
{
"_id": null,
"model": "mobile security suite mss",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.0"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1.104"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1.0.6"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.1.0.7"
},
{
"_id": null,
"model": "nsm",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "350.20"
},
{
"_id": null,
"model": "cognos controller if3",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "350.10"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "780.11"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.1.0.6"
},
{
"_id": null,
"model": "flex system p24l compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.1.0"
},
{
"_id": null,
"model": "bladecenter -ht",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8740"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2.0.860"
},
{
"_id": null,
"model": "websphere mq for hp nonstop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"_id": null,
"model": "power system s812l",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "780.10"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.2"
},
{
"_id": null,
"model": "mobile messaging and m2m client pack (eclipse paho mqtt c client",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "cognos controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "cognos controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50006.1"
},
{
"_id": null,
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "pulse secure",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "initiate master data service provider hub",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"_id": null,
"model": "flex system fc3171 8gb san switch and san pass-thru",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1.00"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x375087180"
},
{
"_id": null,
"model": "flex system manager node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8731-"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.8"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5.146"
},
{
"_id": null,
"model": "idataplex dx360 m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79130"
},
{
"_id": null,
"model": "systems insight manager sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.1.73"
},
{
"_id": null,
"model": "as infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "4"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "45000"
},
{
"_id": null,
"model": "telepresence isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32410"
},
{
"_id": null,
"model": "project openssl 1.0.0n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system m5 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x310054570"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"_id": null,
"model": "insight control server provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.1"
},
{
"_id": null,
"model": "infosphere master data management",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "11.3"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "783.01"
},
{
"_id": null,
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3104.1"
},
{
"_id": null,
"model": "telepresence ex series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.1"
},
{
"_id": null,
"model": "webex meetings for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2.0"
},
{
"_id": null,
"model": "insight control",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3.1"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "810.10"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.4"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1841"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.3"
},
{
"_id": null,
"model": "server migration pack",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"_id": null,
"model": "cognos controller fp1",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"_id": null,
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4"
},
{
"_id": null,
"model": "virtual connect enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"_id": null,
"model": "project openssl 1.0.0h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50006.3"
},
{
"_id": null,
"model": "insight control",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"_id": null,
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.2(3.1)"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "(x86)4.4"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.3"
},
{
"_id": null,
"model": "cognos controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"_id": null,
"model": "systems insight manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8.179"
},
{
"_id": null,
"model": "as infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "8"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "junos os",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x355079140"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "770.20"
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.16"
},
{
"_id": null,
"model": "server migration pack",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "810.01"
},
{
"_id": null,
"model": "project openssl 1.0.1b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.0k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "power systems 350.d0",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "bladecenter -h",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1886"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x375087520"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "770.40"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.2"
},
{
"_id": null,
"model": "vds service broker",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "telepresence conductor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "74.90"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "d9036 modular encoding platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35001.1"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.2.0.5"
},
{
"_id": null,
"model": "video surveillance 4300e/4500e high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "350.40"
},
{
"_id": null,
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3950x638370"
},
{
"_id": null,
"model": "flex system p260 compute node /fc efd9",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "sametime",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2.0"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50006.2"
},
{
"_id": null,
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"_id": null,
"model": "power",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5950"
},
{
"_id": null,
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0"
},
{
"_id": null,
"model": "cognos controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"_id": null,
"model": "junos os 12.3x48-d10",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "bladecenter -e",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8677"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.2"
},
{
"_id": null,
"model": "cognos controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"_id": null,
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.5"
},
{
"_id": null,
"model": "one-x client enablement services sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "video surveillance ptz ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "anyconnect secure mobility client for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "004.000(1233)"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.2.835"
},
{
"_id": null,
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.2.10"
},
{
"_id": null,
"model": "telepresence serial gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1.0.841"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.3"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.1.0.7"
},
{
"_id": null,
"model": "ctpos 6.6r5",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "webex meetings server 2.5mr2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "junos os 13.2r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.5"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.3"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1.0.103"
},
{
"_id": null,
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.3"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "780.01"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "740.52"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1"
},
{
"_id": null,
"model": "unified attendant console enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "power express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "550"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "netscaler service delivery appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.22"
},
{
"_id": null,
"model": "power express f/c",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5504965"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.2.7"
},
{
"_id": null,
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "87104.1"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"_id": null,
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "53000"
},
{
"_id": null,
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.3.0"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.0.121"
},
{
"_id": null,
"model": "ios 15.5 s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"_id": null,
"model": "prime performance manager for sps ppm sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.6"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1.0.7"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "telepresence mx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "session border controller for enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7.770"
},
{
"_id": null,
"model": "insight orchestration",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "350.70"
},
{
"_id": null,
"model": "telepresence isdn gw mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83210"
},
{
"_id": null,
"model": "ucs central",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "telepresence profile series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.1.0.6"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.1"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "770.31"
},
{
"_id": null,
"model": "flex system compute node type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x44079170"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"_id": null,
"model": "unified communications domain manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.1.2"
},
{
"_id": null,
"model": "flex system p460 compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7895-43x)0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.3"
},
{
"_id": null,
"model": "systems insight manager 7.4.0a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"_id": null,
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.2.0.8"
},
{
"_id": null,
"model": "dx360 m4 water cooled type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79190"
},
{
"_id": null,
"model": "im and presence service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4.750"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.3.0.5"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.1"
},
{
"_id": null,
"model": "nac guest server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "system m5 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x325054580"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.2.0.8"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "770.00"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.4"
},
{
"_id": null,
"model": "tivoli provisioning manager for images system edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x7.1.1.0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.10.800"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "(x86)5.1"
},
{
"_id": null,
"model": "cloud object store",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project openssl 1.0.1h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.0a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9.790"
}
],
"sources": [
{
"db": "BID",
"id": "71941"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001010"
},
{
"db": "NVD",
"id": "CVE-2015-0205"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:openssl:openssl",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:oracle:integrated_lights_out_manager_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:mysql",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:communications_core_session_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:fusion_middleware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:oracle:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:virtualization_secure_global_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hp:thinpro_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hp:version_control_agent",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hp:virtual_connect_enterprise_manager_sdk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hp:insight_control",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hp:matrix_operating_environment",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hp:server_migration_pack",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hp:systems_insight_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hp:version_control_repository_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hp:system_management_homepage",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-001010"
}
]
},
"credits": {
"_id": null,
"data": "Karthikeyan Bhargavan of the PROSECCO team at INRIA.",
"sources": [
{
"db": "BID",
"id": "71941"
}
],
"trust": 0.3
},
"cve": "CVE-2015-0205",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-0205",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-0205",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-0205",
"trust": 0.8,
"value": "Medium"
},
{
"author": "VULMON",
"id": "CVE-2015-0205",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-0205"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001010"
},
{
"db": "NVD",
"id": "CVE-2015-0205"
}
]
},
"description": {
"_id": null,
"data": "The ssl3_get_cert_verify function in s3_srvr.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k accepts client authentication with a Diffie-Hellman (DH) certificate without requiring a CertificateVerify message, which allows remote attackers to obtain access without knowledge of a private key via crafted TLS Handshake Protocol traffic to a server that recognizes a Certification Authority with DH support. OpenSSL is prone to security-bypass vulnerability. \nSuccessfully exploiting these issues may allow attackers to perform unauthorized actions by conducting a man-in-the-middle attack. This may lead to other attacks. \nCorrected: 2015-01-09 00:58:20 UTC (stable/10, 10.1-STABLE)\n 2015-01-14 21:27:46 UTC (releng/10.1, 10.1-RELEASE-p4)\n 2015-01-14 21:27:46 UTC (releng/10.0, 10.0-RELEASE-p16)\n 2015-01-09 01:11:43 UTC (stable/9, 9.3-STABLE)\n 2015-01-14 21:27:46 UTC (releng/9.3, 9.3-RELEASE-p8)\n 2015-01-09 01:11:43 UTC (stable/8, 8.4-STABLE)\n 2015-01-14 21:27:46 UTC (releng/8.4, 8.4-RELEASE-p22)\nCVE Name: CVE-2014-3571, CVE-2015-0206, CVE-2014-3569, CVE-2014-3572\n CVE-2015-0204, CVE-2015-0205, CVE-2014-8275, CVE-2014-3570\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:https://security.FreeBSD.org/\u003e. Background\n\nFreeBSD includes software from the OpenSSL Project. \n\nII. [CVE-2014-3569] This does not affect\nFreeBSD\u0027s default build. [CVE-2015-0205]\n\nOpenSSL accepts several non-DER-variations of certificate signature\nalgorithm and signature encodings. OpenSSL also does not enforce a\nmatch between the signature algorithm between the signed and unsigned\nportions of the certificate. [CVE-2014-3570]\n\nIII. [CVE-2015-0206]\n\nA server can remove forward secrecy from the ciphersuite. [CVE-2014-3572]\n\nA server could present a weak temporary key and downgrade the security of\nthe session. This only\naffects servers which trust a client certificate authority which issues\ncertificates containing DH keys, which is extremely rare. [CVE-2015-0205]\n\nBy modifying the contents of the signature algorithm or the encoding of\nthe signature, it is possible to change the certificate\u0027s fingerprint. It also does not affect common revocation mechanisms. Only\ncustom applications that rely on the uniqueness of the fingerprint\n(e.g. certificate blacklists) may be affected. [CVE-2014-8275]\n\nIV. Workaround\n\nNo workaround is available. \n\nV. Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\n2) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\n3) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 8.4 and FreeBSD 9.3]\n# fetch https://security.FreeBSD.org/patches/SA-15:01/openssl-9.3.patch\n# fetch https://security.FreeBSD.org/patches/SA-15:01/openssl-9.3.patch.asc\n# gpg --verify openssl-9.3.patch.asc\n\n[FreeBSD 10.0]\n# fetch https://security.FreeBSD.org/patches/SA-15:01/openssl-10.0.patch\n# fetch https://security.FreeBSD.org/patches/SA-15:01/openssl-10.0.patch.asc\n# gpg --verify openssl-10.0.patch.asc\n\n[FreeBSD 10.1]\n# fetch https://security.FreeBSD.org/patches/SA-15:01/openssl-10.1.patch\n# fetch https://security.FreeBSD.org/patches/SA-15:01/openssl-10.1.patch.asc\n# gpg --verify openssl-10.1.patch.asc\n\nb) Apply the patch. Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:https://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart all deamons using the library, or reboot the system. \n\nVI. Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path Revision\n- -------------------------------------------------------------------------\nstable/8/ r276865\nreleng/8.4/ r277195\nstable/9/ r276865\nreleng/9.3/ r277195\nstable/10/ r276864\nreleng/10.0/ r277195\nreleng/10.1/ r277195\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:https://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. \n \n The Montgomery ladder implementation in OpenSSL through 1.0.0l does\n not ensure that certain swap operations have a constant-time behavior,\n which makes it easier for local users to obtain ECDSA nonces via a\n FLUSH+RELOAD cache side-channel attack (CVE-2014-0076). \n \n The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before\n 1.0.1g do not properly handle Heartbeat Extension packets, which allows\n remote attackers to obtain sensitive information from process memory\n via crafted packets that trigger a buffer over-read, as demonstrated\n by reading private keys, related to d1_both.c and t1_lib.c, aka the\n Heartbleed bug (CVE-2014-0160). \n \n The dtls1_reassemble_fragment function in d1_both.c in OpenSSL\n before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does\n not properly validate fragment lengths in DTLS ClientHello messages,\n which allows remote attackers to execute arbitrary code or cause a\n denial of service (buffer overflow and application crash) via a long\n non-initial fragment (CVE-2014-0195). \n \n The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g,\n when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a\n buffer pointer during certain recursive calls, which allows remote\n attackers to cause a denial of service (NULL pointer dereference\n and application crash) via vectors that trigger an alert condition\n (CVE-2014-0198). \n \n The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL\n before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when\n an anonymous ECDH cipher suite is used, allows remote attackers to\n cause a denial of service (NULL pointer dereference and client crash)\n by triggering a NULL certificate value (CVE-2014-3470). \n \n The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other\n products, uses nondeterministic CBC padding, which makes it easier\n for man-in-the-middle attackers to obtain cleartext data via a\n padding-oracle attack, aka the POODLE issue (CVE-2014-3566). \n \n The ssl23_get_client_hello function in s23_srvr.c in OpenSSL\n 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to\n use unsupported protocols, which allows remote attackers to cause a\n denial of service (NULL pointer dereference and daemon crash) via\n an unexpected handshake, as demonstrated by an SSLv3 handshake to\n a no-ssl3 application with certain error handling. NOTE: this issue\n became relevant after the CVE-2014-3568 fix (CVE-2014-3569). \n \n The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before\n 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the square\n of a BIGNUM value, which might make it easier for remote attackers to\n defeat cryptographic protection mechanisms via unspecified vectors,\n related to crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c, and\n crypto/bn/bn_asm.c (CVE-2014-3570). \n \n The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before\n 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote\n SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger\n a loss of forward secrecy by omitting the ServerKeyExchange message\n (CVE-2014-3572). \n \n OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k\n does not enforce certain constraints on certificate data, which allows\n remote attackers to defeat a fingerprint-based certificate-blacklist\n protection mechanism by including crafted data within a\n certificate\u0026#039;s unsigned portion, related to crypto/asn1/a_verify.c,\n crypto/dsa/dsa_asn1.c, crypto/ecdsa/ecs_vrf.c, and crypto/x509/x_all.c\n (CVE-2014-8275). \n \n The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before\n 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL\n servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate\n brute-force decryption by offering a weak ephemeral RSA key in a\n noncompliant role, related to the FREAK issue. NOTE: the scope of\n this CVE is only client code based on OpenSSL, not EXPORT_RSA issues\n associated with servers or other TLS implementations (CVE-2015-0204). \n \n Use-after-free vulnerability in the d2i_ECPrivateKey function in\n crypto/ec/ec_asn1.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r,\n 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow remote\n attackers to cause a denial of service (memory corruption and\n application crash) or possibly have unspecified other impact via a\n malformed Elliptic Curve (EC) private-key file that is improperly\n handled during import (CVE-2015-0209). \n \n The ASN1_item_ex_d2i function in crypto/asn1/tasn_dec.c in OpenSSL\n before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2\n before 1.0.2a does not reinitialize CHOICE and ADB data structures,\n which might allow attackers to cause a denial of service (invalid\n write operation and memory corruption) by leveraging an application\n that relies on ASN.1 structure reuse (CVE-2015-0287). \n \n The PKCS#7 implementation in OpenSSL before 0.9.8zf, 1.0.0 before\n 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not\n properly handle a lack of outer ContentInfo, which allows attackers to\n cause a denial of service (NULL pointer dereference and application\n crash) by leveraging an application that processes arbitrary PKCS#7\n data and providing malformed data with ASN.1 encoding, related to\n crypto/pkcs7/pk7_doit.c and crypto/pkcs7/pk7_lib.c (CVE-2015-0289). \n \n The updated packages have been upgraded to the 1.0.1m version where\n these security flaws has been fixed. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0286\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0287\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0289\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0293\n http://openssl.org/news/secadv_20150108.txt\n http://openssl.org/news/secadv_20150319.txt\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Business Server 2/X86_64:\n 324a85f7e1165ab02881e44dbddaf599 mbs2/x86_64/lib64openssl1.0.0-1.0.1m-1.mbs2.x86_64.rpm\n 9c0bfb6ebd43cb6d81872abf71b4f85f mbs2/x86_64/lib64openssl-devel-1.0.1m-1.mbs2.x86_64.rpm\n 58df54e72ca7270210c7d8dd23df402b mbs2/x86_64/lib64openssl-engines1.0.0-1.0.1m-1.mbs2.x86_64.rpm\n b5313ffb5baaa65aea05eb05486d309a mbs2/x86_64/lib64openssl-static-devel-1.0.1m-1.mbs2.x86_64.rpm\n a9890ce4c33630cb9e00f3b2910dd784 mbs2/x86_64/openssl-1.0.1m-1.mbs2.x86_64.rpm \n 521297a5fe26e2de0c1222d8d03382d1 mbs2/SRPMS/openssl-1.0.1m-1.mbs2.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/en/support/security/advisories/\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.12 (GNU/Linux)\n\niD8DBQFVFTm1mqjQ0CJFipgRAoYFAKCaubn00colzVNnUBFjSElyDptGMQCfaGoS\nkz0ex6eI6hA6qSwklA2NoXY=\n=GYjX\n-----END PGP SIGNATURE-----\n. \n\nRelease Date: 2015-08-24\nLast Updated: 2015-08-24\n\nPotential Security Impact: Remote unauthorized modification, unauthorized\naccess, or unauthorized disclosure of information. \n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP Matrix\nOperating Environment. The vulnerabilities could be exploited remotely\nresulting in unauthorized modification, unauthorized access, or unauthorized\ndisclosure of information. \n\nReferences:\n\nCVE-2010-5107\nCVE-2013-0248\nCVE-2014-0118\nCVE-2014-0226\nCVE-2014-0231\nCVE-2014-1692\nCVE-2014-3523\nCVE-2014-3569\nCVE-2014-3570\nCVE-2014-3571\nCVE-2014-3572\nCVE-2014-8142\nCVE-2014-8275\nCVE-2014-9427\nCVE-2014-9652\nCVE-2014-9653\nCVE-2014-9705\nCVE-2015-0204\nCVE-2015-0205\nCVE-2015-0206\nCVE-2015-0207\nCVE-2015-0208\nCVE-2015-0209\nCVE-2015-0231\nCVE-2015-0232\nCVE-2015-0273\nCVE-2015-0285\nCVE-2015-0286\nCVE-2015-0287\nCVE-2015-0288\nCVE-2015-0289\nCVE-2015-0290\nCVE-2015-0291\nCVE-2015-0292\nCVE-2015-0293\nCVE-2015-1787\nCVE-2015-1788\nCVE-2015-1789\nCVE-2015-1790\nCVE-2015-1791\nCVE-2015-1792\nCVE-2015-2134\nCVE-2015-2139\nCVE-2015-2140\nCVE-2015-2301\nCVE-2015-2331\nCVE-2015-2348\nCVE-2015-2787\nCVE-2015-3113\nCVE-2015-5122\nCVE-2015-5123\nCVE-2015-5402\nCVE-2015-5403\nCVE-2015-5404\nCVE-2015-5405\nCVE-2015-5427\nCVE-2015-5428\nCVE-2015-5429\nCVE-2015-5430\nCVE-2015-5431\nCVE-2015-5432\nCVE-2015-5433\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP Matrix Operating Environment impacted software components and versions:\n\nHP Systems Insight Manager (SIM) prior to version 7.5.0\nHP System Management Homepage (SMH) prior to version 7.5.0\nHP Version Control Agent (VCA) prior to version 7.5.0\nHP Version Control Repository Manager (VCRM) prior to version 7.5.0\nHP Insight Orchestration prior to version 7.5.0\nHP Virtual Connect Enterprise Manager (VCEM) prior to version 7.5.0\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2010-5107 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2013-0248 (AV:L/AC:M/Au:N/C:N/I:P/A:P) 3.3\nCVE-2014-0118 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2014-0226 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2014-0231 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2014-1692 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2014-3523 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2014-3569 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2014-3570 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2014-3571 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2014-3572 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2014-8142 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2014-8275 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2014-9427 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2014-9652 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2014-9653 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2014-9705 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2015-0204 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2015-0205 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2015-0206 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-0207 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-0208 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2015-0209 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2015-0231 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2015-0232 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2015-0273 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2015-0285 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2015-0286 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-0287 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-0288 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-0289 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-0290 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-0291 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-0292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2015-0293 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-1787 (AV:N/AC:H/Au:N/C:N/I:N/A:P) 2.6\nCVE-2015-1788 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2015-1789 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2015-1790 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-1791 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2015-1792 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-2134 (AV:N/AC:M/Au:S/C:P/I:P/A:P) 6.0\nCVE-2015-2139 (AV:N/AC:M/Au:S/C:P/I:N/A:N) 3.5\nCVE-2015-2140 (AV:N/AC:M/Au:S/C:P/I:P/A:N) 4.9\nCVE-2015-2301 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2015-2331 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2015-2348 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2015-2787 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2015-3113 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2015-5122 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2015-5123 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2015-5402 (AV:L/AC:M/Au:N/C:C/I:C/A:C) 6.9\nCVE-2015-5403 (AV:N/AC:M/Au:S/C:P/I:N/A:N) 3.5\nCVE-2015-5404 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4\nCVE-2015-5405 (AV:N/AC:M/Au:S/C:P/I:P/A:P) 6.0\nCVE-2015-5427 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4\nCVE-2015-5428 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4\nCVE-2015-5429 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4\nCVE-2015-5430 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2015-5431 (AV:N/AC:M/Au:S/C:P/I:P/A:N) 4.9\nCVE-2015-5432 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4\nCVE-2015-5433 (AV:N/AC:M/Au:S/C:P/I:N/A:N) 3.5\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has made the following software updates available to resolve the\nvulnerabilities in the impacted versions of HP Matrix Operating Environment\n\nHP Matrix Operating Environment 7.5.0 is only available on DVD. Please order\nthe latest version of the HP Matrix Operating Environment 7.5.0 DVD #2 ISO\nfrom the following location:\n\nhttp://www.hp.com/go/insightupdates\n\nChoose the orange Select button. This presents the HP Insight Management\nMedia order page. Choose Insight Management 7.5 DVD-2-ZIP August 2015 from\nthe Software specification list. Fill out the rest of the form and submit it. \n\nHP has addressed these vulnerabilities for the affected software components\nbundled with the HP Matrix Operating Environment in the following HP Security\nBulletins. \n\nHP Matrix Operating Environment component\n HP Security Bulletin Number\n Security Bulletin Location\n\nHP Systems Insight Manager (SIM)\n HPSBMU03394\n HPSBMU03394\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04762744\n\nHP System Management Homepage (SMH)\n HPSBMU03380\n http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04746490\u0026la\nng=en-us\u0026cc=\n\nHP Version Control Agent (VCA)\n HPSBMU03397\n https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04765169\n\nHP Version Control Repository Manager (VCRM)\n HPSBMU03396\n https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr\n_na-c04765115\n\nHP Virtual Connect Enterprise Manager (VCEM) SDK\n HPSBMU03413\n https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr\n_na-c04774021\n\nHISTORY\nVersion:1 (rev.1) - 24 August 2015 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2015 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Moderate: openssl security update\nAdvisory ID: RHSA-2015:0066-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2015-0066.html\nIssue date: 2015-01-20\nUpdated on: 2015-01-21\nCVE Names: CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 \n CVE-2014-8275 CVE-2015-0204 CVE-2015-0205 \n CVE-2015-0206 \n=====================================================================\n\n1. Summary:\n\nUpdated openssl packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6 and 7. \n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL),\nTransport Layer Security (TLS), and Datagram Transport Layer Security\n(DTLS) protocols, as well as a full-strength, general purpose cryptography\nlibrary. \n\nA NULL pointer dereference flaw was found in the DTLS implementation of\nOpenSSL. A remote attacker could send a specially crafted DTLS message,\nwhich would cause an OpenSSL server to crash. (CVE-2014-3571)\n\nA memory leak flaw was found in the way the dtls1_buffer_record() function\nof OpenSSL parsed certain DTLS messages. A remote attacker could send\nmultiple specially crafted DTLS messages to exhaust all available memory of\na DTLS server. (CVE-2015-0206)\n\nIt was found that OpenSSL\u0027s BigNumber Squaring implementation could produce\nincorrect results under certain special conditions. This flaw could\npossibly affect certain OpenSSL library functionality, such as RSA\nblinding. Note that this issue occurred rarely and with a low probability,\nand there is currently no known way of exploiting it. (CVE-2014-3570)\n\nIt was discovered that OpenSSL would perform an ECDH key exchange with a\nnon-ephemeral key even when the ephemeral ECDH cipher suite was selected. \nA malicious server could make a TLS/SSL client using OpenSSL use a weaker\nkey exchange method than the one requested by the user. (CVE-2014-3572)\n\nIt was discovered that OpenSSL would accept ephemeral RSA keys when using\nnon-export RSA cipher suites. A malicious server could make a TLS/SSL\nclient using OpenSSL use a weaker key exchange method. (CVE-2015-0204)\n\nMultiple flaws were found in the way OpenSSL parsed X.509 certificates. \nAn attacker could use these flaws to modify an X.509 certificate to produce\na certificate with a different fingerprint without invalidating its\nsignature, and possibly bypass fingerprint-based blacklisting in\napplications. (CVE-2014-8275)\n\nIt was found that an OpenSSL server would, under certain conditions, accept\nDiffie-Hellman client certificates without the use of a private key. \nAn attacker could use a user\u0027s client certificate to authenticate as that\nuser, without needing the private key. (CVE-2015-0205)\n\nAll OpenSSL users are advised to upgrade to these updated packages, which\ncontain a backported patch to mitigate the above issues. For the update to\ntake effect, all services linked to the OpenSSL library (such as httpd and\nother SSL-enabled services) must be restarted or the system rebooted. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata \nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at \nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1180184 - CVE-2015-0204 openssl: Only allow ephemeral RSA keys in export ciphersuites\n1180185 - CVE-2014-3572 openssl: ECDH downgrade bug fix\n1180187 - CVE-2014-8275 openssl: Fix various certificate fingerprint issues\n1180234 - CVE-2014-3571 openssl: DTLS segmentation fault in dtls1_get_record\n1180235 - CVE-2015-0206 openssl: DTLS memory leak in dtls1_buffer_record\n1180239 - CVE-2015-0205 openssl: DH client certificates accepted without verification\n1180240 - CVE-2014-3570 openssl: Bignum squaring may produce incorrect results\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nopenssl-1.0.1e-30.el6_6.5.src.rpm\n\ni386:\nopenssl-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm\n\nx86_64:\nopenssl-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-1.0.1e-30.el6_6.5.x86_64.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.5.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-devel-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-perl-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-static-1.0.1e-30.el6_6.5.i686.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.5.x86_64.rpm\nopenssl-devel-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-devel-1.0.1e-30.el6_6.5.x86_64.rpm\nopenssl-perl-1.0.1e-30.el6_6.5.x86_64.rpm\nopenssl-static-1.0.1e-30.el6_6.5.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nopenssl-1.0.1e-30.el6_6.5.src.rpm\n\nx86_64:\nopenssl-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-1.0.1e-30.el6_6.5.x86_64.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.5.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.5.x86_64.rpm\nopenssl-devel-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-devel-1.0.1e-30.el6_6.5.x86_64.rpm\nopenssl-perl-1.0.1e-30.el6_6.5.x86_64.rpm\nopenssl-static-1.0.1e-30.el6_6.5.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nopenssl-1.0.1e-30.el6_6.5.src.rpm\n\ni386:\nopenssl-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-devel-1.0.1e-30.el6_6.5.i686.rpm\n\nppc64:\nopenssl-1.0.1e-30.el6_6.5.ppc.rpm\nopenssl-1.0.1e-30.el6_6.5.ppc64.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.5.ppc.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.5.ppc64.rpm\nopenssl-devel-1.0.1e-30.el6_6.5.ppc.rpm\nopenssl-devel-1.0.1e-30.el6_6.5.ppc64.rpm\n\ns390x:\nopenssl-1.0.1e-30.el6_6.5.s390.rpm\nopenssl-1.0.1e-30.el6_6.5.s390x.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.5.s390.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.5.s390x.rpm\nopenssl-devel-1.0.1e-30.el6_6.5.s390.rpm\nopenssl-devel-1.0.1e-30.el6_6.5.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-1.0.1e-30.el6_6.5.x86_64.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.5.x86_64.rpm\nopenssl-devel-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-devel-1.0.1e-30.el6_6.5.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-perl-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-static-1.0.1e-30.el6_6.5.i686.rpm\n\nppc64:\nopenssl-debuginfo-1.0.1e-30.el6_6.5.ppc64.rpm\nopenssl-perl-1.0.1e-30.el6_6.5.ppc64.rpm\nopenssl-static-1.0.1e-30.el6_6.5.ppc64.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-30.el6_6.5.s390x.rpm\nopenssl-perl-1.0.1e-30.el6_6.5.s390x.rpm\nopenssl-static-1.0.1e-30.el6_6.5.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-30.el6_6.5.x86_64.rpm\nopenssl-perl-1.0.1e-30.el6_6.5.x86_64.rpm\nopenssl-static-1.0.1e-30.el6_6.5.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nopenssl-1.0.1e-30.el6_6.5.src.rpm\n\ni386:\nopenssl-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-devel-1.0.1e-30.el6_6.5.i686.rpm\n\nx86_64:\nopenssl-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-1.0.1e-30.el6_6.5.x86_64.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.5.x86_64.rpm\nopenssl-devel-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-devel-1.0.1e-30.el6_6.5.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-perl-1.0.1e-30.el6_6.5.i686.rpm\nopenssl-static-1.0.1e-30.el6_6.5.i686.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-30.el6_6.5.x86_64.rpm\nopenssl-perl-1.0.1e-30.el6_6.5.x86_64.rpm\nopenssl-static-1.0.1e-30.el6_6.5.x86_64.rpm\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nopenssl-1.0.1e-34.el7_0.7.src.rpm\n\nx86_64:\nopenssl-1.0.1e-34.el7_0.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.7.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.7.x86_64.rpm\nopenssl-libs-1.0.1e-34.el7_0.7.i686.rpm\nopenssl-libs-1.0.1e-34.el7_0.7.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-34.el7_0.7.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.7.x86_64.rpm\nopenssl-devel-1.0.1e-34.el7_0.7.i686.rpm\nopenssl-devel-1.0.1e-34.el7_0.7.x86_64.rpm\nopenssl-perl-1.0.1e-34.el7_0.7.x86_64.rpm\nopenssl-static-1.0.1e-34.el7_0.7.i686.rpm\nopenssl-static-1.0.1e-34.el7_0.7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nopenssl-1.0.1e-34.el7_0.7.src.rpm\n\nx86_64:\nopenssl-1.0.1e-34.el7_0.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.7.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.7.x86_64.rpm\nopenssl-libs-1.0.1e-34.el7_0.7.i686.rpm\nopenssl-libs-1.0.1e-34.el7_0.7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-34.el7_0.7.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.7.x86_64.rpm\nopenssl-devel-1.0.1e-34.el7_0.7.i686.rpm\nopenssl-devel-1.0.1e-34.el7_0.7.x86_64.rpm\nopenssl-perl-1.0.1e-34.el7_0.7.x86_64.rpm\nopenssl-static-1.0.1e-34.el7_0.7.i686.rpm\nopenssl-static-1.0.1e-34.el7_0.7.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nopenssl-1.0.1e-34.el7_0.7.src.rpm\n\nppc64:\nopenssl-1.0.1e-34.el7_0.7.ppc64.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.7.ppc.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.7.ppc64.rpm\nopenssl-devel-1.0.1e-34.el7_0.7.ppc.rpm\nopenssl-devel-1.0.1e-34.el7_0.7.ppc64.rpm\nopenssl-libs-1.0.1e-34.el7_0.7.ppc.rpm\nopenssl-libs-1.0.1e-34.el7_0.7.ppc64.rpm\n\ns390x:\nopenssl-1.0.1e-34.el7_0.7.s390x.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.7.s390.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.7.s390x.rpm\nopenssl-devel-1.0.1e-34.el7_0.7.s390.rpm\nopenssl-devel-1.0.1e-34.el7_0.7.s390x.rpm\nopenssl-libs-1.0.1e-34.el7_0.7.s390.rpm\nopenssl-libs-1.0.1e-34.el7_0.7.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-34.el7_0.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.7.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.7.x86_64.rpm\nopenssl-devel-1.0.1e-34.el7_0.7.i686.rpm\nopenssl-devel-1.0.1e-34.el7_0.7.x86_64.rpm\nopenssl-libs-1.0.1e-34.el7_0.7.i686.rpm\nopenssl-libs-1.0.1e-34.el7_0.7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nopenssl-debuginfo-1.0.1e-34.el7_0.7.ppc.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.7.ppc64.rpm\nopenssl-perl-1.0.1e-34.el7_0.7.ppc64.rpm\nopenssl-static-1.0.1e-34.el7_0.7.ppc.rpm\nopenssl-static-1.0.1e-34.el7_0.7.ppc64.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-34.el7_0.7.s390.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.7.s390x.rpm\nopenssl-perl-1.0.1e-34.el7_0.7.s390x.rpm\nopenssl-static-1.0.1e-34.el7_0.7.s390.rpm\nopenssl-static-1.0.1e-34.el7_0.7.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-34.el7_0.7.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.7.x86_64.rpm\nopenssl-perl-1.0.1e-34.el7_0.7.x86_64.rpm\nopenssl-static-1.0.1e-34.el7_0.7.i686.rpm\nopenssl-static-1.0.1e-34.el7_0.7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nopenssl-1.0.1e-34.el7_0.7.src.rpm\n\nx86_64:\nopenssl-1.0.1e-34.el7_0.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.7.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.7.x86_64.rpm\nopenssl-devel-1.0.1e-34.el7_0.7.i686.rpm\nopenssl-devel-1.0.1e-34.el7_0.7.x86_64.rpm\nopenssl-libs-1.0.1e-34.el7_0.7.i686.rpm\nopenssl-libs-1.0.1e-34.el7_0.7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-34.el7_0.7.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.7.x86_64.rpm\nopenssl-perl-1.0.1e-34.el7_0.7.x86_64.rpm\nopenssl-static-1.0.1e-34.el7_0.7.i686.rpm\nopenssl-static-1.0.1e-34.el7_0.7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2014-3570\nhttps://access.redhat.com/security/cve/CVE-2014-3571\nhttps://access.redhat.com/security/cve/CVE-2014-3572\nhttps://access.redhat.com/security/cve/CVE-2014-8275\nhttps://access.redhat.com/security/cve/CVE-2015-0204\nhttps://access.redhat.com/security/cve/CVE-2015-0205\nhttps://access.redhat.com/security/cve/CVE-2015-0206\nhttps://access.redhat.com/security/updates/classification/#moderate\nhttps://www.openssl.org/news/secadv_20150108.txt\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2015 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFUwCWMXlSAg2UNWIIRAioBAJ4/RjG4OGXzCwg+PJJWNqyvahe3rQCeNE+X\nENFobdxQdJ+gVAiRe8Qf54A=\n=wyAg\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-0205"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001010"
},
{
"db": "BID",
"id": "71941"
},
{
"db": "VULMON",
"id": "CVE-2015-0205"
},
{
"db": "PACKETSTORM",
"id": "133317"
},
{
"db": "PACKETSTORM",
"id": "129973"
},
{
"db": "PACKETSTORM",
"id": "131044"
},
{
"db": "PACKETSTORM",
"id": "133316"
},
{
"db": "PACKETSTORM",
"id": "129870"
},
{
"db": "PACKETSTORM",
"id": "133325"
},
{
"db": "PACKETSTORM",
"id": "130051"
}
],
"trust": 2.61
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2015-0205",
"trust": 2.9
},
{
"db": "JUNIPER",
"id": "JSA10679",
"trust": 1.4
},
{
"db": "BID",
"id": "71941",
"trust": 1.4
},
{
"db": "MCAFEE",
"id": "SB10102",
"trust": 1.1
},
{
"db": "MCAFEE",
"id": "SB10108",
"trust": 1.1
},
{
"db": "BID",
"id": "91787",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1033378",
"trust": 1.1
},
{
"db": "JVN",
"id": "JVNVU98974537",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001010",
"trust": 0.8
},
{
"db": "VULMON",
"id": "CVE-2015-0205",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133317",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129973",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131044",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133316",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129870",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133325",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130051",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-0205"
},
{
"db": "BID",
"id": "71941"
},
{
"db": "PACKETSTORM",
"id": "133317"
},
{
"db": "PACKETSTORM",
"id": "129973"
},
{
"db": "PACKETSTORM",
"id": "131044"
},
{
"db": "PACKETSTORM",
"id": "133316"
},
{
"db": "PACKETSTORM",
"id": "129870"
},
{
"db": "PACKETSTORM",
"id": "133325"
},
{
"db": "PACKETSTORM",
"id": "130051"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001010"
},
{
"db": "NVD",
"id": "CVE-2015-0205"
}
]
},
"id": "VAR-201501-0339",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4209152
},
"last_update_date": "2026-04-10T23:30:42.866000Z",
"patch": {
"_id": null,
"data": [
{
"title": "cisco-sa-20150310-ssl",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150310-ssl"
},
{
"title": "Unauthenticated DH client certificate fix.",
"trust": 0.8,
"url": "https://github.com/openssl/openssl/commit/1421e0c584ae9120ca1b88098f13d6d2e90b83a3"
},
{
"title": "HPSBMU03396",
"trust": 0.8,
"url": "http://marc.info/?l=bugtraq\u0026m=144050205101530\u0026w=2"
},
{
"title": "HPSBMU03397",
"trust": 0.8,
"url": "http://marc.info/?l=bugtraq\u0026m=144050297101809\u0026w=2"
},
{
"title": "HPSBMU03409",
"trust": 0.8,
"url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2"
},
{
"title": "HPSBMU03413",
"trust": 0.8,
"url": "http://marc.info/?l=bugtraq\u0026m=144050254401665\u0026w=2"
},
{
"title": "HPSBMU03380",
"trust": 0.8,
"url": "http://marc.info/?l=bugtraq\u0026m=143748090628601\u0026w=2"
},
{
"title": "HPSBHF03289",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c04602055"
},
{
"title": "HPSBMU03611",
"trust": 0.8,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05150888"
},
{
"title": "HPSBMU03612",
"trust": 0.8,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05158380"
},
{
"title": "NV15-017",
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/secinfo/nv15-017.html"
},
{
"title": "DH client certificates accepted without verification [Server] (CVE-2015-0205)",
"trust": 0.8,
"url": "https://www.openssl.org/news/secadv_20150108.txt"
},
{
"title": "Oracle Critical Patch Update Advisory - April 2015",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"title": "Oracle Critical Patch Update Advisory - October 2015",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - April 2015 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015verbose-2365613.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - October 2015 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015verbose-2367954.html"
},
{
"title": "Oracle Critical Patch Update Advisory - July 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"title": "Oracle Critical Patch Update Advisory - July 2015",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - July 2016 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2016verbose-2881721.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - July 2015 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015verbose-2367947.html"
},
{
"title": "Oracle Third Party Bulletin - January 2015",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"
},
{
"title": "RHSA-2015:0066",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2015-0066.html"
},
{
"title": "April 2015 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/april_2015_critical_patch_update"
},
{
"title": "October 2015 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/october_2015_critical_patch_update"
},
{
"title": "July 2016 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/july_2016_critical_patch_update"
},
{
"title": "July 2015 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/july_2015_critical_patch_update"
},
{
"title": "cisco-sa-20150310-ssl",
"trust": 0.8,
"url": "http://www.cisco.com/cisco/web/support/JP/112/1128/1128755_cisco-sa-20150310-ssl-j.html"
},
{
"title": "\u682a\u5f0f\u4f1a\u793e\u30d0\u30c3\u30d5\u30a1\u30ed\u30fc \u306e\u544a\u77e5\u30da\u30fc\u30b8",
"trust": 0.8,
"url": "http://buffalo.jp/support_s/s20150327b.html"
},
{
"title": "Red Hat: Moderate: openssl security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20150066 - Security Advisory"
},
{
"title": "Red Hat: CVE-2015-0205",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2015-0205"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2459-1"
},
{
"title": "Debian Security Advisories: DSA-3125-1 openssl -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=a3210fee56d96657bbff4ad44c3d0807"
},
{
"title": "Tenable Security Advisories: [R7] OpenSSL \u002720150108\u0027 Advisory Affects Tenable Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=TNS-2015-03"
},
{
"title": "Amazon Linux AMI: ALAS-2015-469",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2015-469"
},
{
"title": "Symantec Security Advisories: SA88 : OpenSSL Security Advisory 08-Jan-2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=9281dc3b1a760e1cf2711cdf82cf64d7"
},
{
"title": "Cisco: Multiple Vulnerabilities in OpenSSL (January 2015) Affecting Cisco Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20150310-ssl"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4b527561ba1a5de7a529c8a93679f585"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - January 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=eaf98750f1130c39e83765575c69e165"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=744c19dc9f4f70ad58059bf8733ec9c1"
},
{
"title": "Citrix Security Bulletins: Multiple Security Vulnerabilities in Citrix NetScaler Platform IPMI Lights Out Management (LOM) firmware",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=eb059834b7f24e2562bcf592b6d0afbc"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=459961024c4bdce7bb3a1a40a65a6f2e"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=3a04485ebb79f7fbc2472bf9af5ce489"
},
{
"title": "JPN_RIC13351-2",
"trust": 0.1,
"url": "https://github.com/neominds/JPN_RIC13351-2 "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-0205"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001010"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-310",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-001010"
},
{
"db": "NVD",
"id": "CVE-2015-0205"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 1.6,
"url": "https://www.openssl.org/news/secadv_20150108.txt"
},
{
"trust": 1.4,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20150310-ssl"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"trust": 1.4,
"url": "https://support.citrix.com/article/ctx216642"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2015-0066.html"
},
{
"trust": 1.1,
"url": "https://github.com/openssl/openssl/commit/1421e0c584ae9120ca1b88098f13d6d2e90b83a3"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-january/147938.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-january/148363.html"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:019"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2015/dsa-3125"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00021.html"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=142721102728110\u0026w=2"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:062"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/91787"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05150888"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05158380"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=144050297101809\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=144050254401665\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=143748090628601\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=144050205101530\u0026w=2"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"
},
{
"trust": 1.1,
"url": "https://bto.bluecoat.com/security-advisory/sa88"
},
{
"trust": 1.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10679"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1033378"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html"
},
{
"trust": 1.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10108"
},
{
"trust": 1.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10102"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/71941"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99708"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"trust": 1.0,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0205"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu98974537"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-0205"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3572"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0204"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0205"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3570"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3571"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8275"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0206"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3569"
},
{
"trust": 0.4,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04765169"
},
{
"trust": 0.3,
"url": "http://www.pexip.com/sites/pexip/files/pexip_security_bulletin_2015-01-30.pdf"
},
{
"trust": 0.3,
"url": "http://openssl.org/"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699883"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699667"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10679\u0026cat=sirt_1\u0026actp=list"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04746490"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04602055"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04765115"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04774019"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04774021"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05150888"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05158380"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883857"
},
{
"trust": 0.3,
"url": "https://aix.software.ibm.com/aix/efixes/security/openssl_advisory12.asc"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/101008182"
},
{
"trust": 0.3,
"url": "https://www.openssl.org/news/vulnerabilities.html"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963783"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5098593"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903299"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022575"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005159"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21700275"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005170"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097503"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097811"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21697291"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097796"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21697162"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005150"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1009328"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695985"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022074"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5098358"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21694849"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097360"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699052"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21698506"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699069"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0209"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.3,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0286"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-0205"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0288"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8275"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/en/support/security/"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0204"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3570"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/en/support/security/advisories/"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3571"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0206"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3572"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3569"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/310.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2015:0066"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2459-1/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5432"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5433"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3572\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0205\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:01/openssl-9.3.patch"
},
{
"trust": 0.1,
"url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0206\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3571\u003e"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/news/secadv_20150108.txt\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/\u003e."
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8275\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:01/openssl-10.0.patch.asc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:01/openssl-10.1.patch"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3569\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3570\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/advisories/freebsd-sa-15:01.openssl.asc\u003e"
},
{
"trust": 0.1,
"url": "https://www.freebsd.org/handbook/makeworld.html\u003e."
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:01/openssl-10.0.patch"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0204\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:01/openssl-9.3.patch.asc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:01/openssl-10.1.patch.asc"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0289"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0287"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0209"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0195"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0160"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3566"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-5298"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0287"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0160"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0076"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0286"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3513"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0224"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0198"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0289"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3470"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3513"
},
{
"trust": 0.1,
"url": "http://openssl.org/news/secadv_20150319.txt"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0198"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-5298"
},
{
"trust": 0.1,
"url": "http://openssl.org/news/secadv_20150108.txt"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0221"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0076"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0288"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0293"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0224"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0221"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3470"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0195"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0293"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3566"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5409"
},
{
"trust": 0.1,
"url": "http://h20566.www2.hpe.com/hpsc/doc/public/display?calledby=search_result\u0026doc"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5412"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5413"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-20861d704bc04221a1518b7cb6"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5410"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5411"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0207"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0118"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8142"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0226"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0231"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3523"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0285"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9653"
},
{
"trust": 0.1,
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04746490\u0026la"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9705"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0232"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1692"
},
{
"trust": 0.1,
"url": "http://www.hp.com/go/insightupdates"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0248"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9427"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0208"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0273"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-5107"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0231"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9652"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04762744"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-0204"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-0206"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-8275"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-3572"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-3571"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-3570"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-0205"
},
{
"db": "BID",
"id": "71941"
},
{
"db": "PACKETSTORM",
"id": "133317"
},
{
"db": "PACKETSTORM",
"id": "129973"
},
{
"db": "PACKETSTORM",
"id": "131044"
},
{
"db": "PACKETSTORM",
"id": "133316"
},
{
"db": "PACKETSTORM",
"id": "129870"
},
{
"db": "PACKETSTORM",
"id": "133325"
},
{
"db": "PACKETSTORM",
"id": "130051"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001010"
},
{
"db": "NVD",
"id": "CVE-2015-0205"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULMON",
"id": "CVE-2015-0205",
"ident": null
},
{
"db": "BID",
"id": "71941",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "133317",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "129973",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "131044",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "133316",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "129870",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "133325",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "130051",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001010",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2015-0205",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2015-01-09T00:00:00",
"db": "VULMON",
"id": "CVE-2015-0205",
"ident": null
},
{
"date": "2015-01-08T00:00:00",
"db": "BID",
"id": "71941",
"ident": null
},
{
"date": "2015-08-26T01:33:18",
"db": "PACKETSTORM",
"id": "133317",
"ident": null
},
{
"date": "2015-01-15T16:53:07",
"db": "PACKETSTORM",
"id": "129973",
"ident": null
},
{
"date": "2015-03-27T20:42:44",
"db": "PACKETSTORM",
"id": "131044",
"ident": null
},
{
"date": "2015-08-26T01:33:07",
"db": "PACKETSTORM",
"id": "133316",
"ident": null
},
{
"date": "2015-01-09T17:43:35",
"db": "PACKETSTORM",
"id": "129870",
"ident": null
},
{
"date": "2015-08-26T01:35:08",
"db": "PACKETSTORM",
"id": "133325",
"ident": null
},
{
"date": "2015-01-22T01:35:41",
"db": "PACKETSTORM",
"id": "130051",
"ident": null
},
{
"date": "2015-01-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-001010",
"ident": null
},
{
"date": "2015-01-09T02:59:11.273000",
"db": "NVD",
"id": "CVE-2015-0205",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2017-11-15T00:00:00",
"db": "VULMON",
"id": "CVE-2015-0205",
"ident": null
},
{
"date": "2017-01-23T00:09:00",
"db": "BID",
"id": "71941",
"ident": null
},
{
"date": "2016-09-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-001010",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-0205",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "network",
"sources": [
{
"db": "BID",
"id": "71941"
}
],
"trust": 0.3
},
"title": {
"_id": null,
"data": "OpenSSL of s3_srvr.c of ssl3_get_cert_verify Vulnerability to gain access to functions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-001010"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "71941"
}
],
"trust": 0.3
}
}
VAR-201304-0189
Vulnerability from variot - Updated: 2026-04-10 23:24Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans. (DoS) An attack may be carried out. Oracle Java SE is prone to a remote vulnerability in Java Runtime Environment. The vulnerability can be exploited over multiple protocols. This issue affects the 'Beans' sub-component. This vulnerability affects the following supported versions: 7 Update 17 , 6 Update 43. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c03809278
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c03809278 Version: 1
HPSBUX02889 SSRT101252 rev.1 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2013-07-01 Last Updated: 2013-07-01
Potential Security Impact: Remote unauthorized access, disclosure of information, and other vulnerabilities
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified in the Java Runtime Environment (JRE) and the Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other exploits. HP-UX B.11.11, B.11.23, and B.11.31 running HP JDK and JRE v6.0.18 and earlier.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2013-0401 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1491 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1518 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1537 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1540 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2013-1557 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1558 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1563 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2013-1569 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2383 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2384 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2394 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2013-2417 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2013-2418 (AV:L/AC:L/Au:N/C:P/I:P/A:P) 4.6 CVE-2013-2419 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2013-2420 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2422 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2424 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-2429 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2013-2430 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2013-2432 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2433 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2013-2434 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2435 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2439 (AV:L/AC:M/Au:N/C:C/I:C/A:C) 6.9 CVE-2013-2440 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following Java version upgrade to resolve these vulnerabilities. The upgrade is available from the following location
http://www.hp.com/java
OS Version Release Version
HP-UX B.11.11, B.11.23, B.11.31 JDK and JRE v6.0.19 or subsequent
MANUAL ACTIONS: Yes - Update For Java v6.0 update to Java v6.0.19 or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
HP-UX B.11.11 HP-UX B.11.23 =========== Jdk60.JDK60-COM Jdk60.JDK60-PA20 Jdk60.JDK60-PA20W Jre60.JRE60-COM Jre60.JRE60-COM-DOC Jre60.JRE60-PA20 Jre60.JRE60-PA20-HS Jre60.JRE60-PA20W Jre60.JRE60-PA20W-HS Jdk60.JDK60-IPF32 Jdk60.JDK60-IPF64 Jre60.JRE60-COM Jre60.JRE60-IPF32 Jre60.JRE60-IPF32-HS Jre60.JRE60-IPF64 Jre60.JRE60-IPF64-HS action: install revision 1.6.0.19.00 or subsequent
HP-UX B.11.23 HP-UX B.11.31 =========== Jdk60.JDK60-COM Jdk60.JDK60-IPF32 Jdk60.JDK60-IPF64 Jre60.JRE60-IPF32 Jre60.JRE60-IPF32-HS Jre60.JRE60-IPF64 Jre60.JRE60-IPF64-HS Jre60.JRE60-COM Jre60.JRE60-IPF32 Jre60.JRE60-IPF32-HS Jre60.JRE60-IPF64 Jre60.JRE60-IPF64-HS action: install revision 1.6.0.19.00 or subsequent
END AFFECTED VERSIONS
HISTORY
Version:1 (rev.1) - 1 July 2013 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2013 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: java-1.7.0-openjdk security update Advisory ID: RHSA-2013:0751-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0751.html Issue date: 2013-04-17 CVE Names: CVE-2013-0401 CVE-2013-1488 CVE-2013-1518 CVE-2013-1537 CVE-2013-1557 CVE-2013-1558 CVE-2013-1569 CVE-2013-2383 CVE-2013-2384 CVE-2013-2415 CVE-2013-2417 CVE-2013-2419 CVE-2013-2420 CVE-2013-2421 CVE-2013-2422 CVE-2013-2423 CVE-2013-2424 CVE-2013-2426 CVE-2013-2429 CVE-2013-2430 CVE-2013-2431 CVE-2013-2436 =====================================================================
- Summary:
Updated java-1.7.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, noarch, x86_64
- Description:
These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit.
Multiple flaws were discovered in the font layout engine in the 2D component. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption. (CVE-2013-1569, CVE-2013-2383, CVE-2013-2384)
Multiple improper permission check issues were discovered in the Beans, Libraries, JAXP, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2013-1558, CVE-2013-2422, CVE-2013-2436, CVE-2013-1518, CVE-2013-1557)
The previous default value of the java.rmi.server.useCodebaseOnly property permitted the RMI implementation to automatically load classes from remotely specified locations. An attacker able to connect to an application using RMI could use this flaw to make the application execute arbitrary code. (CVE-2013-1537)
Note: The fix for CVE-2013-1537 changes the default value of the property to true, restricting class loading to the local CLASSPATH and locations specified in the java.rmi.server.codebase property. Refer to Red Hat Bugzilla bug 952387 for additional details.
The 2D component did not properly process certain images. An untrusted Java application or applet could possibly use this flaw to trigger Java Virtual Machine memory corruption. (CVE-2013-2420)
It was discovered that the Hotspot component did not properly handle certain intrinsic frames, and did not correctly perform access checks and MethodHandle lookups. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2013-2431, CVE-2013-2421, CVE-2013-2423)
It was discovered that JPEGImageReader and JPEGImageWriter in the ImageIO component did not protect against modification of their state while performing certain native code operations. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption. (CVE-2013-2429, CVE-2013-2430)
The JDBC driver manager could incorrectly call the toString() method in JDBC drivers, and the ConcurrentHashMap class could incorrectly call the defaultReadObject() method. An untrusted Java application or applet could possibly use these flaws to bypass Java sandbox restrictions. (CVE-2013-1488, CVE-2013-2426)
The sun.awt.datatransfer.ClassLoaderObjectInputStream class may incorrectly invoke the system class loader. An untrusted Java application or applet could possibly use this flaw to bypass certain Java sandbox restrictions. (CVE-2013-0401)
Flaws were discovered in the Network component's InetAddress serialization, and the 2D component's font handling. An untrusted Java application or applet could possibly use these flaws to crash the Java Virtual Machine. (CVE-2013-2417, CVE-2013-2419)
The MBeanInstantiator class implementation in the OpenJDK JMX component did not properly check class access before creating new instances. An untrusted Java application or applet could use this flaw to create instances of non-public classes. (CVE-2013-2424)
It was discovered that JAX-WS could possibly create temporary files with insecure permissions. A local attacker could use this flaw to access temporary files created by an application using JAX-WS. (CVE-2013-2415)
Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.
This erratum also upgrades the OpenJDK package to IcedTea7 2.3.9. Refer to the NEWS file, linked to in the References, for further information.
All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258
- Bugs fixed (http://bugzilla.redhat.com/):
920245 - CVE-2013-0401 OpenJDK: unspecified sandbox bypass (CanSecWest 2013, AWT) 920247 - CVE-2013-1488 OpenJDK: unspecified sanbox bypass (CanSecWest 2013, Libraries) 952387 - CVE-2013-1537 OpenJDK: remote code loading enabled by default (RMI, 8001040) 952389 - CVE-2013-2415 OpenJDK: temporary files created with insecure permissions (JAX-WS, 8003542) 952398 - CVE-2013-2423 OpenJDK: incorrect setter access checks in MethodHandles (Hostspot, 8009677) 952509 - CVE-2013-2424 OpenJDK: MBeanInstantiator insufficient class access checks (JMX, 8006435) 952521 - CVE-2013-2429 OpenJDK: JPEGImageWriter state corruption (ImageIO, 8007918) 952524 - CVE-2013-2430 OpenJDK: JPEGImageReader state corruption (ImageIO, 8007667) 952550 - CVE-2013-2436 OpenJDK: Wrapper.convert insufficient type checks (Libraries, 8009049) 952638 - CVE-2013-2420 OpenJDK: image processing vulnerability (2D, 8007617) 952640 - CVE-2013-1558 OpenJDK: java.beans.ThreadGroupContext missing restrictions (Beans, 7200507) 952642 - CVE-2013-2422 OpenJDK: MethodUtil trampoline class incorrect restrictions (Libraries, 8009857) 952645 - CVE-2013-2431 OpenJDK: Hotspot intrinsic frames vulnerability (Hotspot, 8004336) 952646 - CVE-2013-1518 OpenJDK: JAXP missing security restrictions (JAXP, 6657673) 952648 - CVE-2013-1557 OpenJDK: LogStream.setDefaultStream() missing security restrictions (RMI, 8001329) 952649 - CVE-2013-2421 OpenJDK: Hotspot MethodHandle lookup error (Hotspot, 8009699) 952653 - CVE-2013-2426 OpenJDK: ConcurrentHashMap incorrectly calls defaultReadObject() method (Libraries, 8009063) 952656 - CVE-2013-2419 OpenJDK: font processing errors (2D, 8001031) 952657 - CVE-2013-2417 OpenJDK: Network InetAddress serialization information disclosure (Networking, 8000724) 952708 - CVE-2013-2383 OpenJDK: font layout and glyph table errors (2D, 8004986) 952709 - CVE-2013-2384 OpenJDK: font layout and glyph table errors (2D, 8004987) 952711 - CVE-2013-1569 OpenJDK: font layout and glyph table errors (2D, 8004994)
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.19-2.3.9.1.el6_4.src.rpm
i386: java-1.7.0-openjdk-1.7.0.19-2.3.9.1.el6_4.i686.rpm java-1.7.0-openjdk-debuginfo-1.7.0.19-2.3.9.1.el6_4.i686.rpm
x86_64: java-1.7.0-openjdk-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.19-2.3.9.1.el6_4.src.rpm
i386: java-1.7.0-openjdk-debuginfo-1.7.0.19-2.3.9.1.el6_4.i686.rpm java-1.7.0-openjdk-demo-1.7.0.19-2.3.9.1.el6_4.i686.rpm java-1.7.0-openjdk-devel-1.7.0.19-2.3.9.1.el6_4.i686.rpm java-1.7.0-openjdk-src-1.7.0.19-2.3.9.1.el6_4.i686.rpm
noarch: java-1.7.0-openjdk-javadoc-1.7.0.19-2.3.9.1.el6_4.noarch.rpm
x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.19-2.3.9.1.el6_4.src.rpm
x86_64: java-1.7.0-openjdk-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.19-2.3.9.1.el6_4.src.rpm
noarch: java-1.7.0-openjdk-javadoc-1.7.0.19-2.3.9.1.el6_4.noarch.rpm
x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.19-2.3.9.1.el6_4.src.rpm
i386: java-1.7.0-openjdk-1.7.0.19-2.3.9.1.el6_4.i686.rpm java-1.7.0-openjdk-debuginfo-1.7.0.19-2.3.9.1.el6_4.i686.rpm java-1.7.0-openjdk-devel-1.7.0.19-2.3.9.1.el6_4.i686.rpm
x86_64: java-1.7.0-openjdk-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.19-2.3.9.1.el6_4.src.rpm
i386: java-1.7.0-openjdk-debuginfo-1.7.0.19-2.3.9.1.el6_4.i686.rpm java-1.7.0-openjdk-demo-1.7.0.19-2.3.9.1.el6_4.i686.rpm java-1.7.0-openjdk-src-1.7.0.19-2.3.9.1.el6_4.i686.rpm
noarch: java-1.7.0-openjdk-javadoc-1.7.0.19-2.3.9.1.el6_4.noarch.rpm
x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.19-2.3.9.1.el6_4.src.rpm
i386: java-1.7.0-openjdk-1.7.0.19-2.3.9.1.el6_4.i686.rpm java-1.7.0-openjdk-debuginfo-1.7.0.19-2.3.9.1.el6_4.i686.rpm java-1.7.0-openjdk-devel-1.7.0.19-2.3.9.1.el6_4.i686.rpm
x86_64: java-1.7.0-openjdk-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.19-2.3.9.1.el6_4.src.rpm
i386: java-1.7.0-openjdk-debuginfo-1.7.0.19-2.3.9.1.el6_4.i686.rpm java-1.7.0-openjdk-demo-1.7.0.19-2.3.9.1.el6_4.i686.rpm java-1.7.0-openjdk-src-1.7.0.19-2.3.9.1.el6_4.i686.rpm
noarch: java-1.7.0-openjdk-javadoc-1.7.0.19-2.3.9.1.el6_4.noarch.rpm
x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2013-0401.html https://www.redhat.com/security/data/cve/CVE-2013-1488.html https://www.redhat.com/security/data/cve/CVE-2013-1518.html https://www.redhat.com/security/data/cve/CVE-2013-1537.html https://www.redhat.com/security/data/cve/CVE-2013-1557.html https://www.redhat.com/security/data/cve/CVE-2013-1558.html https://www.redhat.com/security/data/cve/CVE-2013-1569.html https://www.redhat.com/security/data/cve/CVE-2013-2383.html https://www.redhat.com/security/data/cve/CVE-2013-2384.html https://www.redhat.com/security/data/cve/CVE-2013-2415.html https://www.redhat.com/security/data/cve/CVE-2013-2417.html https://www.redhat.com/security/data/cve/CVE-2013-2419.html https://www.redhat.com/security/data/cve/CVE-2013-2420.html https://www.redhat.com/security/data/cve/CVE-2013-2421.html https://www.redhat.com/security/data/cve/CVE-2013-2422.html https://www.redhat.com/security/data/cve/CVE-2013-2423.html https://www.redhat.com/security/data/cve/CVE-2013-2424.html https://www.redhat.com/security/data/cve/CVE-2013-2426.html https://www.redhat.com/security/data/cve/CVE-2013-2429.html https://www.redhat.com/security/data/cve/CVE-2013-2430.html https://www.redhat.com/security/data/cve/CVE-2013-2431.html https://www.redhat.com/security/data/cve/CVE-2013-2436.html https://access.redhat.com/security/updates/classification/#critical http://icedtea.classpath.org/hg/release/icedtea7-2.3/file/icedtea-2.3.9/NEWS
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFRbvIqXlSAg2UNWIIRAlJMAKCVluLVfsLBqDgkr0bQ5726zrS77gCfSYDg pRdwVdpsYUlytlzUe+jFDfI= =1mI7 -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201401-30
http://security.gentoo.org/
Severity: High Title: Oracle JRE/JDK: Multiple vulnerabilities Date: January 27, 2014 Bugs: #404071, #421073, #433094, #438706, #451206, #455174, #458444, #460360, #466212, #473830, #473980, #488210, #498148 ID: 201401-30
Synopsis
Multiple vulnerabilities have been found in the Oracle JRE/JDK, allowing attackers to cause unspecified impact.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-java/sun-jdk <= 1.6.0.45 Vulnerable! 2 dev-java/oracle-jdk-bin < 1.7.0.51 >= 1.7.0.51 * 3 dev-java/sun-jre-bin <= 1.6.0.45 Vulnerable! 4 dev-java/oracle-jre-bin < 1.7.0.51 >= 1.7.0.51 * 5 app-emulation/emul-linux-x86-java < 1.7.0.51 >= 1.7.0.51 * ------------------------------------------------------------------- NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers. ------------------------------------------------------------------- NOTE: Packages marked with asterisks require manual intervention! ------------------------------------------------------------------- 5 affected packages
Description
Multiple vulnerabilities have been reported in the Oracle Java implementation. Please review the CVE identifiers referenced below for details. Furthermore, a local or remote attacker could exploit these vulnerabilities to cause unspecified impact, possibly including remote execution of arbitrary code.
Workaround
There is no known workaround at this time.
Resolution
All Oracle JDK 1.7 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=dev-java/oracle-jdk-bin-1.7.0.51"
All Oracle JRE 1.7 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=dev-java/oracle-jre-bin-1.7.0.51"
All users of the precompiled 32-bit Oracle JRE should upgrade to the latest version:
# emerge --sync # emerge -a -1 -v ">=app-emulation/emul-linux-x86-java-1.7.0.51"
All Sun Microsystems JDK/JRE 1.6 users are suggested to upgrade to one of the newer Oracle packages like dev-java/oracle-jdk-bin or dev-java/oracle-jre-bin or choose another alternative we provide; eg. the IBM JDK/JRE or the open source IcedTea.
References
[ 1 ] CVE-2011-3563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563 [ 2 ] CVE-2011-5035 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035 [ 3 ] CVE-2012-0497 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497 [ 4 ] CVE-2012-0498 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0498 [ 5 ] CVE-2012-0499 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0499 [ 6 ] CVE-2012-0500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0500 [ 7 ] CVE-2012-0501 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501 [ 8 ] CVE-2012-0502 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502 [ 9 ] CVE-2012-0503 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503 [ 10 ] CVE-2012-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0504 [ 11 ] CVE-2012-0505 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505 [ 12 ] CVE-2012-0506 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506 [ 13 ] CVE-2012-0507 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0507 [ 14 ] CVE-2012-0547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547 [ 15 ] CVE-2012-1531 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1531 [ 16 ] CVE-2012-1532 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1532 [ 17 ] CVE-2012-1533 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1533 [ 18 ] CVE-2012-1541 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1541 [ 19 ] CVE-2012-1682 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1682 [ 20 ] CVE-2012-1711 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711 [ 21 ] CVE-2012-1713 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713 [ 22 ] CVE-2012-1716 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716 [ 23 ] CVE-2012-1717 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717 [ 24 ] CVE-2012-1718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718 [ 25 ] CVE-2012-1719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719 [ 26 ] CVE-2012-1721 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1721 [ 27 ] CVE-2012-1722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1722 [ 28 ] CVE-2012-1723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723 [ 29 ] CVE-2012-1724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724 [ 30 ] CVE-2012-1725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725 [ 31 ] CVE-2012-1726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726 [ 32 ] CVE-2012-3136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3136 [ 33 ] CVE-2012-3143 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3143 [ 34 ] CVE-2012-3159 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3159 [ 35 ] CVE-2012-3174 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3174 [ 36 ] CVE-2012-3213 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3213 [ 37 ] CVE-2012-3216 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216 [ 38 ] CVE-2012-3342 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3342 [ 39 ] CVE-2012-4416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416 [ 40 ] CVE-2012-4681 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4681 [ 41 ] CVE-2012-5067 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5067 [ 42 ] CVE-2012-5068 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068 [ 43 ] CVE-2012-5069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069 [ 44 ] CVE-2012-5070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070 [ 45 ] CVE-2012-5071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071 [ 46 ] CVE-2012-5072 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072 [ 47 ] CVE-2012-5073 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073 [ 48 ] CVE-2012-5074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074 [ 49 ] CVE-2012-5075 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075 [ 50 ] CVE-2012-5076 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076 [ 51 ] CVE-2012-5077 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077 [ 52 ] CVE-2012-5079 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5079 [ 53 ] CVE-2012-5081 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081 [ 54 ] CVE-2012-5083 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5083 [ 55 ] CVE-2012-5084 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084 [ 56 ] CVE-2012-5085 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085 [ 57 ] CVE-2012-5086 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086 [ 58 ] CVE-2012-5087 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087 [ 59 ] CVE-2012-5088 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5088 [ 60 ] CVE-2012-5089 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089 [ 61 ] CVE-2013-0169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169 [ 62 ] CVE-2013-0351 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0351 [ 63 ] CVE-2013-0401 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401 [ 64 ] CVE-2013-0402 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0402 [ 65 ] CVE-2013-0409 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0409 [ 66 ] CVE-2013-0419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0419 [ 67 ] CVE-2013-0422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0422 [ 68 ] CVE-2013-0423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0423 [ 69 ] CVE-2013-0430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0430 [ 70 ] CVE-2013-0437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0437 [ 71 ] CVE-2013-0438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0438 [ 72 ] CVE-2013-0445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0445 [ 73 ] CVE-2013-0446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0446 [ 74 ] CVE-2013-0448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0448 [ 75 ] CVE-2013-0449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0449 [ 76 ] CVE-2013-0809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809 [ 77 ] CVE-2013-1473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1473 [ 78 ] CVE-2013-1479 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1479 [ 79 ] CVE-2013-1481 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1481 [ 80 ] CVE-2013-1484 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484 [ 81 ] CVE-2013-1485 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485 [ 82 ] CVE-2013-1486 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486 [ 83 ] CVE-2013-1487 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1487 [ 84 ] CVE-2013-1488 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488 [ 85 ] CVE-2013-1491 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1491 [ 86 ] CVE-2013-1493 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493 [ 87 ] CVE-2013-1500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500 [ 88 ] CVE-2013-1518 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518 [ 89 ] CVE-2013-1537 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537 [ 90 ] CVE-2013-1540 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1540 [ 91 ] CVE-2013-1557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557 [ 92 ] CVE-2013-1558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1558 [ 93 ] CVE-2013-1561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1561 [ 94 ] CVE-2013-1563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1563 [ 95 ] CVE-2013-1564 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1564 [ 96 ] CVE-2013-1569 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569 [ 97 ] CVE-2013-1571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571 [ 98 ] CVE-2013-2383 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383 [ 99 ] CVE-2013-2384 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384 [ 100 ] CVE-2013-2394 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2394 [ 101 ] CVE-2013-2400 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2400 [ 102 ] CVE-2013-2407 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407 [ 103 ] CVE-2013-2412 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412 [ 104 ] CVE-2013-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2414 [ 105 ] CVE-2013-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415 [ 106 ] CVE-2013-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2416 [ 107 ] CVE-2013-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417 [ 108 ] CVE-2013-2418 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2418 [ 109 ] CVE-2013-2419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419 [ 110 ] CVE-2013-2420 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420 [ 111 ] CVE-2013-2421 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421 [ 112 ] CVE-2013-2422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422 [ 113 ] CVE-2013-2423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423 [ 114 ] CVE-2013-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424 [ 115 ] CVE-2013-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2425 [ 116 ] CVE-2013-2426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426 [ 117 ] CVE-2013-2427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2427 [ 118 ] CVE-2013-2428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2428 [ 119 ] CVE-2013-2429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429 [ 120 ] CVE-2013-2430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430 [ 121 ] CVE-2013-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431 [ 122 ] CVE-2013-2432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2432 [ 123 ] CVE-2013-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2433 [ 124 ] CVE-2013-2434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2434 [ 125 ] CVE-2013-2435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2435 [ 126 ] CVE-2013-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436 [ 127 ] CVE-2013-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2437 [ 128 ] CVE-2013-2438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2438 [ 129 ] CVE-2013-2439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2439 [ 130 ] CVE-2013-2440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2440 [ 131 ] CVE-2013-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2442 [ 132 ] CVE-2013-2443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443 [ 133 ] CVE-2013-2444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444 [ 134 ] CVE-2013-2445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445 [ 135 ] CVE-2013-2446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446 [ 136 ] CVE-2013-2447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447 [ 137 ] CVE-2013-2448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448 [ 138 ] CVE-2013-2449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449 [ 139 ] CVE-2013-2450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450 [ 140 ] CVE-2013-2451 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451 [ 141 ] CVE-2013-2452 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452 [ 142 ] CVE-2013-2453 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453 [ 143 ] CVE-2013-2454 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454 [ 144 ] CVE-2013-2455 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455 [ 145 ] CVE-2013-2456 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456 [ 146 ] CVE-2013-2457 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457 [ 147 ] CVE-2013-2458 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458 [ 148 ] CVE-2013-2459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459 [ 149 ] CVE-2013-2460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460 [ 150 ] CVE-2013-2461 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461 [ 151 ] CVE-2013-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2462 [ 152 ] CVE-2013-2463 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463 [ 153 ] CVE-2013-2464 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2464 [ 154 ] CVE-2013-2465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465 [ 155 ] CVE-2013-2466 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2466 [ 156 ] CVE-2013-2467 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2467 [ 157 ] CVE-2013-2468 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2468 [ 158 ] CVE-2013-2469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469 [ 159 ] CVE-2013-2470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470 [ 160 ] CVE-2013-2471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471 [ 161 ] CVE-2013-2472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472 [ 162 ] CVE-2013-2473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473 [ 163 ] CVE-2013-3743 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3743 [ 164 ] CVE-2013-3744 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3744 [ 165 ] CVE-2013-3829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829 [ 166 ] CVE-2013-5772 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772 [ 167 ] CVE-2013-5774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774 [ 168 ] CVE-2013-5775 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5775 [ 169 ] CVE-2013-5776 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5776 [ 170 ] CVE-2013-5777 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5777 [ 171 ] CVE-2013-5778 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778 [ 172 ] CVE-2013-5780 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780 [ 173 ] CVE-2013-5782 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782 [ 174 ] CVE-2013-5783 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783 [ 175 ] CVE-2013-5784 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784 [ 176 ] CVE-2013-5787 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5787 [ 177 ] CVE-2013-5788 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5788 [ 178 ] CVE-2013-5789 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5789 [ 179 ] CVE-2013-5790 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790 [ 180 ] CVE-2013-5797 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797 [ 181 ] CVE-2013-5800 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800 [ 182 ] CVE-2013-5801 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5801 [ 183 ] CVE-2013-5802 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802 [ 184 ] CVE-2013-5803 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803 [ 185 ] CVE-2013-5804 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804 [ 186 ] CVE-2013-5805 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805 [ 187 ] CVE-2013-5806 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806 [ 188 ] CVE-2013-5809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809 [ 189 ] CVE-2013-5810 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5810 [ 190 ] CVE-2013-5812 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5812 [ 191 ] CVE-2013-5814 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814 [ 192 ] CVE-2013-5817 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817 [ 193 ] CVE-2013-5818 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5818 [ 194 ] CVE-2013-5819 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5819 [ 195 ] CVE-2013-5820 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820 [ 196 ] CVE-2013-5823 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823 [ 197 ] CVE-2013-5824 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5824 [ 198 ] CVE-2013-5825 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825 [ 199 ] CVE-2013-5829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829 [ 200 ] CVE-2013-5830 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830 [ 201 ] CVE-2013-5831 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5831 [ 202 ] CVE-2013-5832 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5832 [ 203 ] CVE-2013-5838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5838 [ 204 ] CVE-2013-5840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840 [ 205 ] CVE-2013-5842 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842 [ 206 ] CVE-2013-5843 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5843 [ 207 ] CVE-2013-5844 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5844 [ 208 ] CVE-2013-5846 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5846 [ 209 ] CVE-2013-5848 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5848 [ 210 ] CVE-2013-5849 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849 [ 211 ] CVE-2013-5850 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850 [ 212 ] CVE-2013-5851 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851 [ 213 ] CVE-2013-5852 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5852 [ 214 ] CVE-2013-5854 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5854 [ 215 ] CVE-2013-5870 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5870 [ 216 ] CVE-2013-5878 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5878 [ 217 ] CVE-2013-5887 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5887 [ 218 ] CVE-2013-5888 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5888 [ 219 ] CVE-2013-5889 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5889 [ 220 ] CVE-2013-5893 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5893 [ 221 ] CVE-2013-5895 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5895 [ 222 ] CVE-2013-5896 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5896 [ 223 ] CVE-2013-5898 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5898 [ 224 ] CVE-2013-5899 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5899 [ 225 ] CVE-2013-5902 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5902 [ 226 ] CVE-2013-5904 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5904 [ 227 ] CVE-2013-5905 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5905 [ 228 ] CVE-2013-5906 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5906 [ 229 ] CVE-2013-5907 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5907 [ 230 ] CVE-2013-5910 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5910 [ 231 ] CVE-2014-0368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0368 [ 232 ] CVE-2014-0373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0373 [ 233 ] CVE-2014-0375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0375 [ 234 ] CVE-2014-0376 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0376 [ 235 ] CVE-2014-0382 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0382 [ 236 ] CVE-2014-0385 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0385 [ 237 ] CVE-2014-0387 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0387 [ 238 ] CVE-2014-0403 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0403 [ 239 ] CVE-2014-0408 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0408 [ 240 ] CVE-2014-0410 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0410 [ 241 ] CVE-2014-0411 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0411 [ 242 ] CVE-2014-0415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0415 [ 243 ] CVE-2014-0416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0416 [ 244 ] CVE-2014-0417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0417 [ 245 ] CVE-2014-0418 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0418 [ 246 ] CVE-2014-0422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0422 [ 247 ] CVE-2014-0423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0423 [ 248 ] CVE-2014-0424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0424 [ 249 ] CVE-2014-0428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0428
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201401-30.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . The verification of md5 checksums and GPG signatures is performed automatically for you. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/en/support/security/advisories/
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux)
iD8DBQFRh65bmqjQ0CJFipgRAqwjAJwJ3EJeMQD/k2+PhJKSlr4iSF87LACgkgaV khdurS1ieNR2RbbbTeL+aP8= =qNFz -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
APPLE-SA-2013-04-16-2 Java for OS X 2013-003 and Mac OS X v10.6 Update 15
Java for OS X 2013-003 and Mac OS X v10.6 Update 15 are now available and address the following:
Java Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later Impact: Multiple vulnerabilities in Java 1.6.0_43 Description: Multiple vulnerabilities existed in Java 1.6.0_43, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_45. Further information is available via the Java website at http://www.o racle.com/technetwork/java/javase/releasenotes-136954.html CVE-ID CVE-2013-1491 CVE-2013-1537 CVE-2013-1540 CVE-2013-1557 CVE-2013-1558 CVE-2013-1563 CVE-2013-1569 CVE-2013-2383 CVE-2013-2384 CVE-2013-2394 CVE-2013-2417 CVE-2013-2419 CVE-2013-2420 CVE-2013-2422 CVE-2013-2424 CVE-2013-2429 CVE-2013-2430 CVE-2013-2432 CVE-2013-2435 CVE-2013-2437 CVE-2013-2440
Java for OS X 2013-003 and Mac OS X v10.6 Update 15 may be obtained from the Software Update pane in System Preferences, Mac App Store, or Apple's Software Downloads web site: http://www.apple.com/support/downloads/
For Mac OS X v10.6 systems The download file is named: JavaForMacOSX10.6.Update15.dmg Its SHA-1 digest is: 56a950f7a89f2a1c39de01b2b1998986f132be57
For OS X Lion and Mountain Lion systems The download file is named: JavaForOSX2013-003.dmg Its SHA-1 digest is: 3393ff8642b6e29cacaf10fbb04f76e657cc313a
Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org
iQIcBAEBAgAGBQJRbatSAAoJEPefwLHPlZEwsl4P/ixeRjTgN3MFTNK4VTobV93j zbj99S53RY0R7vOd7lZe6QMnLjvAEC+wF5BEsWcLbI/+L1ewufE62TeC3K0v7QH6 GExzGa41GCfICF3cUSQNopXy3KvskLACpOmK3LKxUUtP2NL7+As3HpXyaU3pPvxk EQE/Af9p4IzPECvZzBe8KfJuQWeUWYiQhN+nH6ei4E2FS6vXaUlTpOn6sUVyeDfR JX3NFmbXuJB0RKQcKicGSx8x1lZTRFSVPbb6HPfcvHHnfUe2WqqA6SwUZavrtY6C jiSqAB5Vog8oTP4XZhgrxPlqohZqnYJ7Fnimrk+LeiPrJ2Is3W6TM9kEhU6vfgCm xIDC0GuZRToiWDzUQskeNitUDLGYz+32a/4ZyFLGtHZdiGhOgiuqGuYPnCdRvhGt 9kMgcOC5f/C1uBNAw8pCDfsqm00dmA6IV1QRHZLGKQhUsiu3PbhftB0EiUiEwlcX la5Xvp+3AkupO8Gc0JOnAvVgYy7s6IupHUzwsMD3vDEzaF1lrQ6+z6tjhibhc+mb y0VycheIUSUyNuLt6js06wyhK8VW5vkNFG+Ogj1xm/3Y2sSJQfxGsOMqRwrkBN7p EEKV7Nck9G/qsuKBzEZJ3CFDkF6RJezoYN8v3QG+sZLEt4WFVkmtG86NgEVPu6gp tyT4/+vnaqKDRbcwCKXy =bvDt -----END PGP SIGNATURE----- . Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.6.0"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1.6.0"
},
{
"_id": null,
"model": "jdk",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.6.0"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.6.0"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.6.0"
},
{
"_id": null,
"model": "jdk",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1.6.0"
},
{
"_id": null,
"model": "jre 1.6.0 03",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 17",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 1.7.0 8",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 30",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 18",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 35",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 22",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 1.6.0 28",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 1.6.0 21",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 20",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 32",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 38",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 25",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 43",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 1.6.0 35",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 18",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 27",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 19",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 10",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 03",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 17",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 1.6.0 39",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 2",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 1.7.0 8",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 2",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 13",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 14",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 12",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 1.7.0 10",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 1.6.0 25",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 37",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 27",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 11",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 15",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 30",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 1.7.0 7",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.7"
},
{
"_id": null,
"model": "jre 1.6.0 02",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 1.6.0 23",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 01",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 4",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 9",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 1.6.0 19",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 9",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 13",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 38",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 15",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 1.7.0 11",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 43",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 28",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 23",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 11",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 1.7.0 7",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 32",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 02",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 1.7.0 4",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 26",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 26",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 21",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 24",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 0.9,
"vendor": "oracle",
"version": "1.7"
},
{
"_id": null,
"model": "jdk 1.6.0 22",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 24",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 17",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 1.6.0 39",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6.8"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.7 and later"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.8 and later"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6.8"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.7 and later"
},
{
"_id": null,
"model": "jdk",
"scope": "lte",
"trust": 0.8,
"vendor": "oracle",
"version": "6 update 43"
},
{
"_id": null,
"model": "jdk",
"scope": "lte",
"trust": 0.8,
"vendor": "oracle",
"version": "7 update 17"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 0.8,
"vendor": "oracle",
"version": "6 update 43"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 0.8,
"vendor": "oracle",
"version": "7 update 17"
},
{
"_id": null,
"model": "jdk",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "6 update 21"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "6 update 21"
},
{
"_id": null,
"model": "cosminexus application server enterprise",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"_id": null,
"model": "cosminexus application server standard",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"_id": null,
"model": "cosminexus application server version 5",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus client",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"_id": null,
"model": "cosminexus developer light version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus developer professional version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus developer standard version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus developer version 5",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus developer\u0027s kit for java",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus primary server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "base"
},
{
"_id": null,
"model": "cosminexus server - standard edition version 4",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus server - web edition version 4",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus studio",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- standard edition version 4"
},
{
"_id": null,
"model": "cosminexus studio",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- web edition version 4"
},
{
"_id": null,
"model": "cosminexus studio",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 5"
},
{
"_id": null,
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "-r"
},
{
"_id": null,
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "express"
},
{
"_id": null,
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "light"
},
{
"_id": null,
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "standard-r"
},
{
"_id": null,
"model": "ucosminexus application server enterprise",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server smart edition",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server standard",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus client",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"_id": null,
"model": "ucosminexus client",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "for plug-in"
},
{
"_id": null,
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "01"
},
{
"_id": null,
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional"
},
{
"_id": null,
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional for plug-in"
},
{
"_id": null,
"model": "ucosminexus developer light",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus developer standard",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus operator",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus primary server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "base"
},
{
"_id": null,
"model": "ucosminexus server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "standard-r"
},
{
"_id": null,
"model": "ucosminexus service architect",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"_id": null,
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- messaging"
},
{
"_id": null,
"model": "jdk 1.7.0 17",
"scope": null,
"trust": 0.6,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 01-b06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 1.7.0 12",
"scope": null,
"trust": 0.6,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 2",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 01",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 20",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "cosminexus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.10"
},
{
"_id": null,
"model": "one-x client enablement service sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "trio tview software",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "3.27.0"
},
{
"_id": null,
"model": "intelligent operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.2"
},
{
"_id": null,
"model": "one-x client enablement service sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.3"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7"
},
{
"_id": null,
"model": "jdk 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "maximo asset management essentials",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "websphere cast iron cloud integration virtual applianc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "java se",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6"
},
{
"_id": null,
"model": "trio tview software",
"scope": "ne",
"trust": 0.3,
"vendor": "schneider electric",
"version": "3.29.0"
},
{
"_id": null,
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "02-00"
},
{
"_id": null,
"model": "virtualization engine ts7700",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.31.0.89"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.1"
},
{
"_id": null,
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"_id": null,
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "cosminexus server web edition",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "4"
},
{
"_id": null,
"model": "ucosminexus application server express",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-70"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "websphere cast iron cloud integration studio",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "lotus notes fix pack",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.35"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.1"
},
{
"_id": null,
"model": "lotus domino fix pack",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.35"
},
{
"_id": null,
"model": "aura system platform sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2.6"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.2"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.6"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.10"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0"
},
{
"_id": null,
"model": "intelligent operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.1"
},
{
"_id": null,
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1"
},
{
"_id": null,
"model": "tivoli endpoint manager for remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.1"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "ucosminexus operator",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.5"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.10"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.0.3"
},
{
"_id": null,
"model": "tivoli monitoring",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.1"
},
{
"_id": null,
"model": "one-x client enablement service",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "websphere cast iron cloud integration physical applian",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2.1"
},
{
"_id": null,
"model": "one-x client enablement service sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0"
},
{
"_id": null,
"model": "cosminexus developer light",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "tivoli system automation for multiplatforms",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.2"
},
{
"_id": null,
"model": "tivoli system automation for integrated operations management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.4"
},
{
"_id": null,
"model": "cosminexus studio",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "4.0"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"_id": null,
"model": "cosminexus",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "8.0"
},
{
"_id": null,
"model": "websphere operational decision management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.0"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "rational host on-demand",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0.7"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "java sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7"
},
{
"_id": null,
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "010"
},
{
"_id": null,
"model": "enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.1"
},
{
"_id": null,
"model": "rational host on-demand",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0.8"
},
{
"_id": null,
"model": "ucosminexus service architect",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"_id": null,
"model": "websphere cast iron cloud integration live saas offeri",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2.2"
},
{
"_id": null,
"model": "ucosminexus developer light",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "56009.7"
},
{
"_id": null,
"model": "cosminexus server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "4"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2.4"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"_id": null,
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "maximo asset management essentials",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.4"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2.3"
},
{
"_id": null,
"model": "aura communication manager utility services sp",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.16.1.0.9.8"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2"
},
{
"_id": null,
"model": "tivoli monitoring",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.4.0.15"
},
{
"_id": null,
"model": "one-x client enablement service sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.1"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "websphere ilog jrules",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "ucosminexus application server light",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "cosminexus application server standard",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "tivoli monitoring",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.1"
},
{
"_id": null,
"model": "websphere cast iron cloud integration virtual applianc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "cosminexus developer professional",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2"
},
{
"_id": null,
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.2"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.4"
},
{
"_id": null,
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"_id": null,
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "tivoli remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.2"
},
{
"_id": null,
"model": "websphere cast iron cloud integration virtual applianc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3"
},
{
"_id": null,
"model": "websphere cast iron cloud integration physical applian",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.5.0.15"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.1"
},
{
"_id": null,
"model": "tivoli system automation application manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"_id": null,
"model": "cosminexus developer standard",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "java sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.2"
},
{
"_id": null,
"model": "cosminexus application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "cosminexus application server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5.0"
},
{
"_id": null,
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"_id": null,
"model": "ucosminexus developer professional for plug-in",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"_id": null,
"model": "enterprise linux hpc node optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.6"
},
{
"_id": null,
"model": "intelligent operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5"
},
{
"_id": null,
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.8.3"
},
{
"_id": null,
"model": "tivoli endpoint manager for remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "tivoli monitoring",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.2"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2.3"
},
{
"_id": null,
"model": "tivoli system automation for integrated operations management",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1.4"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.9.3"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2.3"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2"
},
{
"_id": null,
"model": "virtualization engine ts7700",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "tivoli system automation for multiplatforms",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2.5"
},
{
"_id": null,
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1x8664"
},
{
"_id": null,
"model": "websphere message broker",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0"
},
{
"_id": null,
"model": "tivoli system automation application manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.3"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.3"
},
{
"_id": null,
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8"
},
{
"_id": null,
"model": "enterprise linux workstation optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "websphere cast iron cloud integration live saas offeri",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.1"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "operational decision manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "tivoli monitoring",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.3"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2.2"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2.1"
},
{
"_id": null,
"model": "cosminexus studio",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"_id": null,
"model": "websphere message broker",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2"
},
{
"_id": null,
"model": "maximo asset management essentials",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.6"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.7"
},
{
"_id": null,
"model": "cosminexus",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0"
},
{
"_id": null,
"model": "websphere message broker",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"_id": null,
"model": "java jre/jdk for hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.6.0.18"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "ucosminexus developer professional",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"_id": null,
"model": "aura experience portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "ucosminexus developer standard",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"_id": null,
"model": "cosminexus",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "9.0"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.3"
},
{
"_id": null,
"model": "tivoli system automation application manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.1"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.8"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.3"
},
{
"_id": null,
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2.1"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"_id": null,
"model": "cosminexus client",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.1"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.4"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.4"
},
{
"_id": null,
"model": "websphere cast iron cloud integration studio",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.7"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2.2"
},
{
"_id": null,
"model": "ucosminexus application server smart edition",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"_id": null,
"model": "aura conferencing",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.7"
},
{
"_id": null,
"model": "tivoli system automation for multiplatforms",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "5"
},
{
"_id": null,
"model": "enterprise linux server optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.2"
},
{
"_id": null,
"model": "websphere cast iron cloud integration physical applian",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "websphere cast iron cloud integration studio",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.3"
},
{
"_id": null,
"model": "aura conferencing sp1 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.1"
},
{
"_id": null,
"model": "one-x client enablement service sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.5"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.3"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1.0.9"
},
{
"_id": null,
"model": "java se",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2.4"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "aura experience portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "operational decision manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"_id": null,
"model": "aura system platform sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.5"
},
{
"_id": null,
"model": "jdk 1.6.0 01-b06",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "ucosminexus client",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"_id": null,
"model": "aura system platform sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"_id": null,
"model": "tivoli system automation application manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.2"
},
{
"_id": null,
"model": "enterprise linux desktop optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0"
},
{
"_id": null,
"model": "enterprise linux hpc node supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "ucosminexus application server standard-r",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.0.9.8"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.5"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.2"
},
{
"_id": null,
"model": "rational host on-demand",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "aura conferencing standard",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "java jre/jdk for hp-ux",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "1.6.0.19.00"
},
{
"_id": null,
"model": "tivoli system automation for multiplatforms",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.2"
}
],
"sources": [
{
"db": "BID",
"id": "59219"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002399"
},
{
"db": "NVD",
"id": "CVE-2013-1558"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:jdk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:jre",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:sun:jdk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:sun:jre",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_application_server_enterprise",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_application_server_standard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_application_server_version_5",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_client",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developer_light_version_6",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developer_professional_version_6",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developer_standard_version_6",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developer_version_5",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developers_kit_for_java",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_primary_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_server_-_standard_edition_version_4",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_server_-_web_edition_version_4",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_studio",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server_enterprise",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server_smart_edition",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server_standard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_client",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_developer",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_developer_light",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_developer_standard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_operator",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_primary_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_service_architect",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_service_platform",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-002399"
}
]
},
"credits": {
"_id": null,
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "121320"
},
{
"db": "PACKETSTORM",
"id": "121321"
},
{
"db": "PACKETSTORM",
"id": "121630"
},
{
"db": "PACKETSTORM",
"id": "121351"
},
{
"db": "PACKETSTORM",
"id": "121352"
}
],
"trust": 0.5
},
"cve": "CVE-2013-1558",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2013-1558",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-1558",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2013-1558",
"trust": 0.8,
"value": "High"
},
{
"author": "VULMON",
"id": "CVE-2013-1558",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2013-1558"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002399"
},
{
"db": "NVD",
"id": "CVE-2013-1558"
}
]
},
"description": {
"_id": null,
"data": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans. (DoS) An attack may be carried out. Oracle Java SE is prone to a remote vulnerability in Java Runtime Environment. \nThe vulnerability can be exploited over multiple protocols. This issue affects the \u0027Beans\u0027 sub-component. \nThis vulnerability affects the following supported versions:\n7 Update 17 , 6 Update 43. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c03809278\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c03809278\nVersion: 1\n\nHPSBUX02889 SSRT101252 rev.1 - HP-UX Running Java, Remote Unauthorized\nAccess, Disclosure of Information, and Other Vulnerabilities\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2013-07-01\nLast Updated: 2013-07-01\n\nPotential Security Impact: Remote unauthorized access, disclosure of\ninformation, and other vulnerabilities\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified in the Java Runtime\nEnvironment (JRE) and the Java Developer Kit (JDK) running on HP-UX. These\nvulnerabilities could allow remote unauthorized access, disclosure of\ninformation, and other exploits. \nHP-UX B.11.11, B.11.23, and B.11.31 running HP JDK and JRE v6.0.18 and\nearlier. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2013-0401 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-1491 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-1518 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-1537 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-1540 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2013-1557 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-1558 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-1563 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\nCVE-2013-1569 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-2383 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-2384 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-2394 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\nCVE-2013-2417 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2013-2418 (AV:L/AC:L/Au:N/C:P/I:P/A:P) 4.6\nCVE-2013-2419 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2013-2420 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-2422 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-2424 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2013-2429 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\nCVE-2013-2430 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\nCVE-2013-2432 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-2433 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2013-2434 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-2435 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-2439 (AV:L/AC:M/Au:N/C:C/I:C/A:C) 6.9\nCVE-2013-2440 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided the following Java version upgrade to resolve these\nvulnerabilities. \nThe upgrade is available from the following location\n\nhttp://www.hp.com/java\n\nOS Version\n Release Version\n\nHP-UX B.11.11, B.11.23, B.11.31\n JDK and JRE v6.0.19 or subsequent\n\nMANUAL ACTIONS: Yes - Update\nFor Java v6.0 update to Java v6.0.19 or subsequent\n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application\nthat replaces HP-UX Security Patch Check. It analyzes all Security Bulletins\nissued by HP and lists recommended actions that may apply to a specific HP-UX\nsystem. It can also download patches and create a depot automatically. For\nmore information see https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS\n\nHP-UX B.11.11\nHP-UX B.11.23\n===========\nJdk60.JDK60-COM\nJdk60.JDK60-PA20\nJdk60.JDK60-PA20W\nJre60.JRE60-COM\nJre60.JRE60-COM-DOC\nJre60.JRE60-PA20\nJre60.JRE60-PA20-HS\nJre60.JRE60-PA20W\nJre60.JRE60-PA20W-HS\nJdk60.JDK60-IPF32\nJdk60.JDK60-IPF64\nJre60.JRE60-COM\nJre60.JRE60-IPF32\nJre60.JRE60-IPF32-HS\nJre60.JRE60-IPF64\nJre60.JRE60-IPF64-HS\naction: install revision 1.6.0.19.00 or subsequent\n\nHP-UX B.11.23\nHP-UX B.11.31\n===========\nJdk60.JDK60-COM\nJdk60.JDK60-IPF32\nJdk60.JDK60-IPF64\nJre60.JRE60-IPF32\nJre60.JRE60-IPF32-HS\nJre60.JRE60-IPF64\nJre60.JRE60-IPF64-HS\nJre60.JRE60-COM\nJre60.JRE60-IPF32\nJre60.JRE60-IPF32-HS\nJre60.JRE60-IPF64\nJre60.JRE60-IPF64-HS\naction: install revision 1.6.0.19.00 or subsequent\n\nEND AFFECTED VERSIONS\n\nHISTORY\n\nVersion:1 (rev.1) - 1 July 2013 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2013 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits;damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: java-1.7.0-openjdk security update\nAdvisory ID: RHSA-2013:0751-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2013-0751.html\nIssue date: 2013-04-17\nCVE Names: CVE-2013-0401 CVE-2013-1488 CVE-2013-1518 \n CVE-2013-1537 CVE-2013-1557 CVE-2013-1558 \n CVE-2013-1569 CVE-2013-2383 CVE-2013-2384 \n CVE-2013-2415 CVE-2013-2417 CVE-2013-2419 \n CVE-2013-2420 CVE-2013-2421 CVE-2013-2422 \n CVE-2013-2423 CVE-2013-2424 CVE-2013-2426 \n CVE-2013-2429 CVE-2013-2430 CVE-2013-2431 \n CVE-2013-2436 \n=====================================================================\n\n1. Summary:\n\nUpdated java-1.7.0-openjdk packages that fix various security issues are\nnow available for Red Hat Enterprise Linux 6. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - noarch, x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, noarch, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, noarch, x86_64\n\n3. Description:\n\nThese packages provide the OpenJDK 7 Java Runtime Environment and the\nOpenJDK 7 Software Development Kit. \n\nMultiple flaws were discovered in the font layout engine in the 2D\ncomponent. An untrusted Java application or applet could possibly use these\nflaws to trigger Java Virtual Machine memory corruption. (CVE-2013-1569,\nCVE-2013-2383, CVE-2013-2384)\n\nMultiple improper permission check issues were discovered in the Beans,\nLibraries, JAXP, and RMI components in OpenJDK. An untrusted Java\napplication or applet could use these flaws to bypass Java sandbox\nrestrictions. (CVE-2013-1558, CVE-2013-2422, CVE-2013-2436, CVE-2013-1518,\nCVE-2013-1557)\n\nThe previous default value of the java.rmi.server.useCodebaseOnly property\npermitted the RMI implementation to automatically load classes from\nremotely specified locations. An attacker able to connect to an application\nusing RMI could use this flaw to make the application execute arbitrary\ncode. (CVE-2013-1537)\n\nNote: The fix for CVE-2013-1537 changes the default value of the property\nto true, restricting class loading to the local CLASSPATH and locations\nspecified in the java.rmi.server.codebase property. Refer to Red Hat\nBugzilla bug 952387 for additional details. \n\nThe 2D component did not properly process certain images. An untrusted Java\napplication or applet could possibly use this flaw to trigger Java Virtual\nMachine memory corruption. (CVE-2013-2420)\n\nIt was discovered that the Hotspot component did not properly handle\ncertain intrinsic frames, and did not correctly perform access checks and\nMethodHandle lookups. An untrusted Java application or applet could\nuse these flaws to bypass Java sandbox restrictions. (CVE-2013-2431,\nCVE-2013-2421, CVE-2013-2423)\n\nIt was discovered that JPEGImageReader and JPEGImageWriter in the ImageIO\ncomponent did not protect against modification of their state while\nperforming certain native code operations. An untrusted Java application or\napplet could possibly use these flaws to trigger Java Virtual Machine\nmemory corruption. (CVE-2013-2429, CVE-2013-2430)\n\nThe JDBC driver manager could incorrectly call the toString() method in\nJDBC drivers, and the ConcurrentHashMap class could incorrectly call the\ndefaultReadObject() method. An untrusted Java application or applet could\npossibly use these flaws to bypass Java sandbox restrictions. \n(CVE-2013-1488, CVE-2013-2426)\n\nThe sun.awt.datatransfer.ClassLoaderObjectInputStream class may incorrectly\ninvoke the system class loader. An untrusted Java application or applet\ncould possibly use this flaw to bypass certain Java sandbox restrictions. \n(CVE-2013-0401)\n\nFlaws were discovered in the Network component\u0027s InetAddress serialization,\nand the 2D component\u0027s font handling. An untrusted Java application or\napplet could possibly use these flaws to crash the Java Virtual Machine. \n(CVE-2013-2417, CVE-2013-2419)\n\nThe MBeanInstantiator class implementation in the OpenJDK JMX component did\nnot properly check class access before creating new instances. An untrusted\nJava application or applet could use this flaw to create instances of\nnon-public classes. (CVE-2013-2424)\n\nIt was discovered that JAX-WS could possibly create temporary files with\ninsecure permissions. A local attacker could use this flaw to access\ntemporary files created by an application using JAX-WS. (CVE-2013-2415)\n\nNote: If the web browser plug-in provided by the icedtea-web package was\ninstalled, the issues exposed via Java applets could have been exploited\nwithout user interaction if a user visited a malicious website. \n\nThis erratum also upgrades the OpenJDK package to IcedTea7 2.3.9. Refer to\nthe NEWS file, linked to in the References, for further information. \n\nAll users of java-1.7.0-openjdk are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK Java\nmust be restarted for the update to take effect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n920245 - CVE-2013-0401 OpenJDK: unspecified sandbox bypass (CanSecWest 2013, AWT)\n920247 - CVE-2013-1488 OpenJDK: unspecified sanbox bypass (CanSecWest 2013, Libraries)\n952387 - CVE-2013-1537 OpenJDK: remote code loading enabled by default (RMI, 8001040)\n952389 - CVE-2013-2415 OpenJDK: temporary files created with insecure permissions (JAX-WS, 8003542)\n952398 - CVE-2013-2423 OpenJDK: incorrect setter access checks in MethodHandles (Hostspot, 8009677)\n952509 - CVE-2013-2424 OpenJDK: MBeanInstantiator insufficient class access checks (JMX, 8006435)\n952521 - CVE-2013-2429 OpenJDK: JPEGImageWriter state corruption (ImageIO, 8007918)\n952524 - CVE-2013-2430 OpenJDK: JPEGImageReader state corruption (ImageIO, 8007667)\n952550 - CVE-2013-2436 OpenJDK: Wrapper.convert insufficient type checks (Libraries, 8009049)\n952638 - CVE-2013-2420 OpenJDK: image processing vulnerability (2D, 8007617)\n952640 - CVE-2013-1558 OpenJDK: java.beans.ThreadGroupContext missing restrictions (Beans, 7200507)\n952642 - CVE-2013-2422 OpenJDK: MethodUtil trampoline class incorrect restrictions (Libraries, 8009857)\n952645 - CVE-2013-2431 OpenJDK: Hotspot intrinsic frames vulnerability (Hotspot, 8004336)\n952646 - CVE-2013-1518 OpenJDK: JAXP missing security restrictions (JAXP, 6657673)\n952648 - CVE-2013-1557 OpenJDK: LogStream.setDefaultStream() missing security restrictions (RMI, 8001329)\n952649 - CVE-2013-2421 OpenJDK: Hotspot MethodHandle lookup error (Hotspot, 8009699)\n952653 - CVE-2013-2426 OpenJDK: ConcurrentHashMap incorrectly calls defaultReadObject() method (Libraries, 8009063)\n952656 - CVE-2013-2419 OpenJDK: font processing errors (2D, 8001031)\n952657 - CVE-2013-2417 OpenJDK: Network InetAddress serialization information disclosure (Networking, 8000724)\n952708 - CVE-2013-2383 OpenJDK: font layout and glyph table errors (2D, 8004986)\n952709 - CVE-2013-2384 OpenJDK: font layout and glyph table errors (2D, 8004987)\n952711 - CVE-2013-1569 OpenJDK: font layout and glyph table errors (2D, 8004994)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.19-2.3.9.1.el6_4.src.rpm\n\ni386:\njava-1.7.0-openjdk-1.7.0.19-2.3.9.1.el6_4.i686.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.19-2.3.9.1.el6_4.i686.rpm\n\nx86_64:\njava-1.7.0-openjdk-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.19-2.3.9.1.el6_4.src.rpm\n\ni386:\njava-1.7.0-openjdk-debuginfo-1.7.0.19-2.3.9.1.el6_4.i686.rpm\njava-1.7.0-openjdk-demo-1.7.0.19-2.3.9.1.el6_4.i686.rpm\njava-1.7.0-openjdk-devel-1.7.0.19-2.3.9.1.el6_4.i686.rpm\njava-1.7.0-openjdk-src-1.7.0.19-2.3.9.1.el6_4.i686.rpm\n\nnoarch:\njava-1.7.0-openjdk-javadoc-1.7.0.19-2.3.9.1.el6_4.noarch.rpm\n\nx86_64:\njava-1.7.0-openjdk-debuginfo-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm\njava-1.7.0-openjdk-demo-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm\njava-1.7.0-openjdk-devel-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm\njava-1.7.0-openjdk-src-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.19-2.3.9.1.el6_4.src.rpm\n\nx86_64:\njava-1.7.0-openjdk-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.19-2.3.9.1.el6_4.src.rpm\n\nnoarch:\njava-1.7.0-openjdk-javadoc-1.7.0.19-2.3.9.1.el6_4.noarch.rpm\n\nx86_64:\njava-1.7.0-openjdk-debuginfo-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm\njava-1.7.0-openjdk-demo-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm\njava-1.7.0-openjdk-devel-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm\njava-1.7.0-openjdk-src-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.19-2.3.9.1.el6_4.src.rpm\n\ni386:\njava-1.7.0-openjdk-1.7.0.19-2.3.9.1.el6_4.i686.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.19-2.3.9.1.el6_4.i686.rpm\njava-1.7.0-openjdk-devel-1.7.0.19-2.3.9.1.el6_4.i686.rpm\n\nx86_64:\njava-1.7.0-openjdk-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm\njava-1.7.0-openjdk-devel-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.19-2.3.9.1.el6_4.src.rpm\n\ni386:\njava-1.7.0-openjdk-debuginfo-1.7.0.19-2.3.9.1.el6_4.i686.rpm\njava-1.7.0-openjdk-demo-1.7.0.19-2.3.9.1.el6_4.i686.rpm\njava-1.7.0-openjdk-src-1.7.0.19-2.3.9.1.el6_4.i686.rpm\n\nnoarch:\njava-1.7.0-openjdk-javadoc-1.7.0.19-2.3.9.1.el6_4.noarch.rpm\n\nx86_64:\njava-1.7.0-openjdk-debuginfo-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm\njava-1.7.0-openjdk-demo-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm\njava-1.7.0-openjdk-src-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.19-2.3.9.1.el6_4.src.rpm\n\ni386:\njava-1.7.0-openjdk-1.7.0.19-2.3.9.1.el6_4.i686.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.19-2.3.9.1.el6_4.i686.rpm\njava-1.7.0-openjdk-devel-1.7.0.19-2.3.9.1.el6_4.i686.rpm\n\nx86_64:\njava-1.7.0-openjdk-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm\njava-1.7.0-openjdk-devel-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.19-2.3.9.1.el6_4.src.rpm\n\ni386:\njava-1.7.0-openjdk-debuginfo-1.7.0.19-2.3.9.1.el6_4.i686.rpm\njava-1.7.0-openjdk-demo-1.7.0.19-2.3.9.1.el6_4.i686.rpm\njava-1.7.0-openjdk-src-1.7.0.19-2.3.9.1.el6_4.i686.rpm\n\nnoarch:\njava-1.7.0-openjdk-javadoc-1.7.0.19-2.3.9.1.el6_4.noarch.rpm\n\nx86_64:\njava-1.7.0-openjdk-debuginfo-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm\njava-1.7.0-openjdk-demo-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm\njava-1.7.0-openjdk-src-1.7.0.19-2.3.9.1.el6_4.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2013-0401.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1488.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1518.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1537.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1557.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1558.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1569.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2383.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2384.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2415.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2417.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2419.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2420.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2421.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2422.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2423.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2424.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2426.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2429.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2430.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2431.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2436.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://icedtea.classpath.org/hg/release/icedtea7-2.3/file/icedtea-2.3.9/NEWS\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2013 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFRbvIqXlSAg2UNWIIRAlJMAKCVluLVfsLBqDgkr0bQ5726zrS77gCfSYDg\npRdwVdpsYUlytlzUe+jFDfI=\n=1mI7\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201401-30\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Oracle JRE/JDK: Multiple vulnerabilities\n Date: January 27, 2014\n Bugs: #404071, #421073, #433094, #438706, #451206, #455174,\n #458444, #460360, #466212, #473830, #473980, #488210, #498148\n ID: 201401-30\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in the Oracle JRE/JDK,\nallowing attackers to cause unspecified impact. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-java/sun-jdk \u003c= 1.6.0.45 Vulnerable!\n 2 dev-java/oracle-jdk-bin \u003c 1.7.0.51 \u003e= 1.7.0.51 *\n 3 dev-java/sun-jre-bin \u003c= 1.6.0.45 Vulnerable!\n 4 dev-java/oracle-jre-bin \u003c 1.7.0.51 \u003e= 1.7.0.51 *\n 5 app-emulation/emul-linux-x86-java\n \u003c 1.7.0.51 \u003e= 1.7.0.51 *\n -------------------------------------------------------------------\n NOTE: Certain packages are still vulnerable. Users should migrate\n to another package if one is available or wait for the\n existing packages to be marked stable by their\n architecture maintainers. \n -------------------------------------------------------------------\n NOTE: Packages marked with asterisks require manual intervention!\n -------------------------------------------------------------------\n 5 affected packages\n\nDescription\n===========\n\nMultiple vulnerabilities have been reported in the Oracle Java\nimplementation. Please review the CVE identifiers referenced below for\ndetails. \nFurthermore, a local or remote attacker could exploit these\nvulnerabilities to cause unspecified impact, possibly including remote\nexecution of arbitrary code. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Oracle JDK 1.7 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=dev-java/oracle-jdk-bin-1.7.0.51\"\n\nAll Oracle JRE 1.7 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=dev-java/oracle-jre-bin-1.7.0.51\"\n\nAll users of the precompiled 32-bit Oracle JRE should upgrade to the\nlatest version:\n\n # emerge --sync\n # emerge -a -1 -v \"\u003e=app-emulation/emul-linux-x86-java-1.7.0.51\"\n\nAll Sun Microsystems JDK/JRE 1.6 users are suggested to upgrade to one\nof the newer Oracle packages like dev-java/oracle-jdk-bin or\ndev-java/oracle-jre-bin or choose another alternative we provide; eg. \nthe IBM JDK/JRE or the open source IcedTea. \n\nReferences\n==========\n\n[ 1 ] CVE-2011-3563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563\n[ 2 ] CVE-2011-5035\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035\n[ 3 ] CVE-2012-0497\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497\n[ 4 ] CVE-2012-0498\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0498\n[ 5 ] CVE-2012-0499\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0499\n[ 6 ] CVE-2012-0500\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0500\n[ 7 ] CVE-2012-0501\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501\n[ 8 ] CVE-2012-0502\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502\n[ 9 ] CVE-2012-0503\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503\n[ 10 ] CVE-2012-0504\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0504\n[ 11 ] CVE-2012-0505\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505\n[ 12 ] CVE-2012-0506\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506\n[ 13 ] CVE-2012-0507\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0507\n[ 14 ] CVE-2012-0547\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547\n[ 15 ] CVE-2012-1531\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1531\n[ 16 ] CVE-2012-1532\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1532\n[ 17 ] CVE-2012-1533\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1533\n[ 18 ] CVE-2012-1541\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1541\n[ 19 ] CVE-2012-1682\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1682\n[ 20 ] CVE-2012-1711\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711\n[ 21 ] CVE-2012-1713\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713\n[ 22 ] CVE-2012-1716\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716\n[ 23 ] CVE-2012-1717\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717\n[ 24 ] CVE-2012-1718\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718\n[ 25 ] CVE-2012-1719\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719\n[ 26 ] CVE-2012-1721\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1721\n[ 27 ] CVE-2012-1722\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1722\n[ 28 ] CVE-2012-1723\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723\n[ 29 ] CVE-2012-1724\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724\n[ 30 ] CVE-2012-1725\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725\n[ 31 ] CVE-2012-1726\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726\n[ 32 ] CVE-2012-3136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3136\n[ 33 ] CVE-2012-3143\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3143\n[ 34 ] CVE-2012-3159\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3159\n[ 35 ] CVE-2012-3174\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3174\n[ 36 ] CVE-2012-3213\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3213\n[ 37 ] CVE-2012-3216\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216\n[ 38 ] CVE-2012-3342\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3342\n[ 39 ] CVE-2012-4416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416\n[ 40 ] CVE-2012-4681\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4681\n[ 41 ] CVE-2012-5067\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5067\n[ 42 ] CVE-2012-5068\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068\n[ 43 ] CVE-2012-5069\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069\n[ 44 ] CVE-2012-5070\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070\n[ 45 ] CVE-2012-5071\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071\n[ 46 ] CVE-2012-5072\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072\n[ 47 ] CVE-2012-5073\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073\n[ 48 ] CVE-2012-5074\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074\n[ 49 ] CVE-2012-5075\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075\n[ 50 ] CVE-2012-5076\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076\n[ 51 ] CVE-2012-5077\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077\n[ 52 ] CVE-2012-5079\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5079\n[ 53 ] CVE-2012-5081\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081\n[ 54 ] CVE-2012-5083\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5083\n[ 55 ] CVE-2012-5084\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084\n[ 56 ] CVE-2012-5085\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085\n[ 57 ] CVE-2012-5086\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086\n[ 58 ] CVE-2012-5087\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087\n[ 59 ] CVE-2012-5088\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5088\n[ 60 ] CVE-2012-5089\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089\n[ 61 ] CVE-2013-0169\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169\n[ 62 ] CVE-2013-0351\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0351\n[ 63 ] CVE-2013-0401\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401\n[ 64 ] CVE-2013-0402\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0402\n[ 65 ] CVE-2013-0409\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0409\n[ 66 ] CVE-2013-0419\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0419\n[ 67 ] CVE-2013-0422\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0422\n[ 68 ] CVE-2013-0423\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0423\n[ 69 ] CVE-2013-0430\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0430\n[ 70 ] CVE-2013-0437\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0437\n[ 71 ] CVE-2013-0438\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0438\n[ 72 ] CVE-2013-0445\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0445\n[ 73 ] CVE-2013-0446\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0446\n[ 74 ] CVE-2013-0448\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0448\n[ 75 ] CVE-2013-0449\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0449\n[ 76 ] CVE-2013-0809\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809\n[ 77 ] CVE-2013-1473\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1473\n[ 78 ] CVE-2013-1479\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1479\n[ 79 ] CVE-2013-1481\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1481\n[ 80 ] CVE-2013-1484\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484\n[ 81 ] CVE-2013-1485\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485\n[ 82 ] CVE-2013-1486\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486\n[ 83 ] CVE-2013-1487\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1487\n[ 84 ] CVE-2013-1488\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488\n[ 85 ] CVE-2013-1491\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1491\n[ 86 ] CVE-2013-1493\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493\n[ 87 ] CVE-2013-1500\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500\n[ 88 ] CVE-2013-1518\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518\n[ 89 ] CVE-2013-1537\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537\n[ 90 ] CVE-2013-1540\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1540\n[ 91 ] CVE-2013-1557\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557\n[ 92 ] CVE-2013-1558\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1558\n[ 93 ] CVE-2013-1561\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1561\n[ 94 ] CVE-2013-1563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1563\n[ 95 ] CVE-2013-1564\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1564\n[ 96 ] CVE-2013-1569\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569\n[ 97 ] CVE-2013-1571\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571\n[ 98 ] CVE-2013-2383\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383\n[ 99 ] CVE-2013-2384\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384\n[ 100 ] CVE-2013-2394\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2394\n[ 101 ] CVE-2013-2400\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2400\n[ 102 ] CVE-2013-2407\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407\n[ 103 ] CVE-2013-2412\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412\n[ 104 ] CVE-2013-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2414\n[ 105 ] CVE-2013-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415\n[ 106 ] CVE-2013-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2416\n[ 107 ] CVE-2013-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417\n[ 108 ] CVE-2013-2418\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2418\n[ 109 ] CVE-2013-2419\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419\n[ 110 ] CVE-2013-2420\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420\n[ 111 ] CVE-2013-2421\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421\n[ 112 ] CVE-2013-2422\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422\n[ 113 ] CVE-2013-2423\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423\n[ 114 ] CVE-2013-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424\n[ 115 ] CVE-2013-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2425\n[ 116 ] CVE-2013-2426\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426\n[ 117 ] CVE-2013-2427\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2427\n[ 118 ] CVE-2013-2428\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2428\n[ 119 ] CVE-2013-2429\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429\n[ 120 ] CVE-2013-2430\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430\n[ 121 ] CVE-2013-2431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431\n[ 122 ] CVE-2013-2432\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2432\n[ 123 ] CVE-2013-2433\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2433\n[ 124 ] CVE-2013-2434\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2434\n[ 125 ] CVE-2013-2435\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2435\n[ 126 ] CVE-2013-2436\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436\n[ 127 ] CVE-2013-2437\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2437\n[ 128 ] CVE-2013-2438\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2438\n[ 129 ] CVE-2013-2439\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2439\n[ 130 ] CVE-2013-2440\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2440\n[ 131 ] CVE-2013-2442\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2442\n[ 132 ] CVE-2013-2443\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443\n[ 133 ] CVE-2013-2444\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444\n[ 134 ] CVE-2013-2445\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445\n[ 135 ] CVE-2013-2446\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446\n[ 136 ] CVE-2013-2447\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447\n[ 137 ] CVE-2013-2448\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448\n[ 138 ] CVE-2013-2449\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449\n[ 139 ] CVE-2013-2450\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450\n[ 140 ] CVE-2013-2451\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451\n[ 141 ] CVE-2013-2452\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452\n[ 142 ] CVE-2013-2453\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453\n[ 143 ] CVE-2013-2454\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454\n[ 144 ] CVE-2013-2455\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455\n[ 145 ] CVE-2013-2456\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456\n[ 146 ] CVE-2013-2457\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457\n[ 147 ] CVE-2013-2458\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458\n[ 148 ] CVE-2013-2459\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459\n[ 149 ] CVE-2013-2460\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460\n[ 150 ] CVE-2013-2461\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461\n[ 151 ] CVE-2013-2462\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2462\n[ 152 ] CVE-2013-2463\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463\n[ 153 ] CVE-2013-2464\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2464\n[ 154 ] CVE-2013-2465\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465\n[ 155 ] CVE-2013-2466\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2466\n[ 156 ] CVE-2013-2467\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2467\n[ 157 ] CVE-2013-2468\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2468\n[ 158 ] CVE-2013-2469\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469\n[ 159 ] CVE-2013-2470\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470\n[ 160 ] CVE-2013-2471\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471\n[ 161 ] CVE-2013-2472\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472\n[ 162 ] CVE-2013-2473\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473\n[ 163 ] CVE-2013-3743\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3743\n[ 164 ] CVE-2013-3744\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3744\n[ 165 ] CVE-2013-3829\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829\n[ 166 ] CVE-2013-5772\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772\n[ 167 ] CVE-2013-5774\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774\n[ 168 ] CVE-2013-5775\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5775\n[ 169 ] CVE-2013-5776\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5776\n[ 170 ] CVE-2013-5777\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5777\n[ 171 ] CVE-2013-5778\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778\n[ 172 ] CVE-2013-5780\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780\n[ 173 ] CVE-2013-5782\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782\n[ 174 ] CVE-2013-5783\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783\n[ 175 ] CVE-2013-5784\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784\n[ 176 ] CVE-2013-5787\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5787\n[ 177 ] CVE-2013-5788\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5788\n[ 178 ] CVE-2013-5789\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5789\n[ 179 ] CVE-2013-5790\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790\n[ 180 ] CVE-2013-5797\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797\n[ 181 ] CVE-2013-5800\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800\n[ 182 ] CVE-2013-5801\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5801\n[ 183 ] CVE-2013-5802\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802\n[ 184 ] CVE-2013-5803\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803\n[ 185 ] CVE-2013-5804\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804\n[ 186 ] CVE-2013-5805\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805\n[ 187 ] CVE-2013-5806\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806\n[ 188 ] CVE-2013-5809\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809\n[ 189 ] CVE-2013-5810\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5810\n[ 190 ] CVE-2013-5812\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5812\n[ 191 ] CVE-2013-5814\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814\n[ 192 ] CVE-2013-5817\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817\n[ 193 ] CVE-2013-5818\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5818\n[ 194 ] CVE-2013-5819\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5819\n[ 195 ] CVE-2013-5820\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820\n[ 196 ] CVE-2013-5823\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823\n[ 197 ] CVE-2013-5824\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5824\n[ 198 ] CVE-2013-5825\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825\n[ 199 ] CVE-2013-5829\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829\n[ 200 ] CVE-2013-5830\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830\n[ 201 ] CVE-2013-5831\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5831\n[ 202 ] CVE-2013-5832\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5832\n[ 203 ] CVE-2013-5838\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5838\n[ 204 ] CVE-2013-5840\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840\n[ 205 ] CVE-2013-5842\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842\n[ 206 ] CVE-2013-5843\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5843\n[ 207 ] CVE-2013-5844\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5844\n[ 208 ] CVE-2013-5846\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5846\n[ 209 ] CVE-2013-5848\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5848\n[ 210 ] CVE-2013-5849\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849\n[ 211 ] CVE-2013-5850\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850\n[ 212 ] CVE-2013-5851\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851\n[ 213 ] CVE-2013-5852\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5852\n[ 214 ] CVE-2013-5854\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5854\n[ 215 ] CVE-2013-5870\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5870\n[ 216 ] CVE-2013-5878\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5878\n[ 217 ] CVE-2013-5887\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5887\n[ 218 ] CVE-2013-5888\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5888\n[ 219 ] CVE-2013-5889\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5889\n[ 220 ] CVE-2013-5893\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5893\n[ 221 ] CVE-2013-5895\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5895\n[ 222 ] CVE-2013-5896\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5896\n[ 223 ] CVE-2013-5898\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5898\n[ 224 ] CVE-2013-5899\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5899\n[ 225 ] CVE-2013-5902\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5902\n[ 226 ] CVE-2013-5904\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5904\n[ 227 ] CVE-2013-5905\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5905\n[ 228 ] CVE-2013-5906\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5906\n[ 229 ] CVE-2013-5907\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5907\n[ 230 ] CVE-2013-5910\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5910\n[ 231 ] CVE-2014-0368\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0368\n[ 232 ] CVE-2014-0373\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0373\n[ 233 ] CVE-2014-0375\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0375\n[ 234 ] CVE-2014-0376\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0376\n[ 235 ] CVE-2014-0382\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0382\n[ 236 ] CVE-2014-0385\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0385\n[ 237 ] CVE-2014-0387\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0387\n[ 238 ] CVE-2014-0403\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0403\n[ 239 ] CVE-2014-0408\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0408\n[ 240 ] CVE-2014-0410\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0410\n[ 241 ] CVE-2014-0411\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0411\n[ 242 ] CVE-2014-0415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0415\n[ 243 ] CVE-2014-0416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0416\n[ 244 ] CVE-2014-0417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0417\n[ 245 ] CVE-2014-0418\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0418\n[ 246 ] CVE-2014-0422\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0422\n[ 247 ] CVE-2014-0423\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0423\n[ 248 ] CVE-2014-0424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0424\n[ 249 ] CVE-2014-0428\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0428\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201401-30.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2014 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. The verification\n of md5 checksums and GPG signatures is performed automatically for you. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/en/support/security/advisories/\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.12 (GNU/Linux)\n\niD8DBQFRh65bmqjQ0CJFipgRAqwjAJwJ3EJeMQD/k2+PhJKSlr4iSF87LACgkgaV\nkhdurS1ieNR2RbbbTeL+aP8=\n=qNFz\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2013-04-16-2 Java for OS X 2013-003 and\nMac OS X v10.6 Update 15\n\nJava for OS X 2013-003 and Mac OS X v10.6 Update 15 are now available\nand address the following:\n\nJava\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 or later, OS X Lion Server v10.7 or later,\nOS X Mountain Lion 10.8 or later\nImpact: Multiple vulnerabilities in Java 1.6.0_43\nDescription: Multiple vulnerabilities existed in Java 1.6.0_43, the\nmost serious of which may allow an untrusted Java applet to execute\narbitrary code outside the Java sandbox. Visiting a web page\ncontaining a maliciously crafted untrusted Java applet may lead to\narbitrary code execution with the privileges of the current user. \nThese issues were addressed by updating to Java version 1.6.0_45. \nFurther information is available via the Java website at http://www.o\nracle.com/technetwork/java/javase/releasenotes-136954.html\nCVE-ID\nCVE-2013-1491\nCVE-2013-1537\nCVE-2013-1540\nCVE-2013-1557\nCVE-2013-1558\nCVE-2013-1563\nCVE-2013-1569\nCVE-2013-2383\nCVE-2013-2384\nCVE-2013-2394\nCVE-2013-2417\nCVE-2013-2419\nCVE-2013-2420\nCVE-2013-2422\nCVE-2013-2424\nCVE-2013-2429\nCVE-2013-2430\nCVE-2013-2432\nCVE-2013-2435\nCVE-2013-2437\nCVE-2013-2440\n\n\nJava for OS X 2013-003 and Mac OS X v10.6 Update 15\nmay be obtained from the Software Update pane in System Preferences,\nMac App Store, or Apple\u0027s Software Downloads web site:\nhttp://www.apple.com/support/downloads/\n\nFor Mac OS X v10.6 systems\nThe download file is named: JavaForMacOSX10.6.Update15.dmg\nIts SHA-1 digest is: 56a950f7a89f2a1c39de01b2b1998986f132be57\n\nFor OS X Lion and Mountain Lion systems\nThe download file is named: JavaForOSX2013-003.dmg\nIts SHA-1 digest is: 3393ff8642b6e29cacaf10fbb04f76e657cc313a\n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.17 (Darwin)\nComment: GPGTools - http://gpgtools.org\n\niQIcBAEBAgAGBQJRbatSAAoJEPefwLHPlZEwsl4P/ixeRjTgN3MFTNK4VTobV93j\nzbj99S53RY0R7vOd7lZe6QMnLjvAEC+wF5BEsWcLbI/+L1ewufE62TeC3K0v7QH6\nGExzGa41GCfICF3cUSQNopXy3KvskLACpOmK3LKxUUtP2NL7+As3HpXyaU3pPvxk\nEQE/Af9p4IzPECvZzBe8KfJuQWeUWYiQhN+nH6ei4E2FS6vXaUlTpOn6sUVyeDfR\nJX3NFmbXuJB0RKQcKicGSx8x1lZTRFSVPbb6HPfcvHHnfUe2WqqA6SwUZavrtY6C\njiSqAB5Vog8oTP4XZhgrxPlqohZqnYJ7Fnimrk+LeiPrJ2Is3W6TM9kEhU6vfgCm\nxIDC0GuZRToiWDzUQskeNitUDLGYz+32a/4ZyFLGtHZdiGhOgiuqGuYPnCdRvhGt\n9kMgcOC5f/C1uBNAw8pCDfsqm00dmA6IV1QRHZLGKQhUsiu3PbhftB0EiUiEwlcX\nla5Xvp+3AkupO8Gc0JOnAvVgYy7s6IupHUzwsMD3vDEzaF1lrQ6+z6tjhibhc+mb\ny0VycheIUSUyNuLt6js06wyhK8VW5vkNFG+Ogj1xm/3Y2sSJQfxGsOMqRwrkBN7p\nEEKV7Nck9G/qsuKBzEZJ3CFDkF6RJezoYN8v3QG+sZLEt4WFVkmtG86NgEVPu6gp\ntyT4/+vnaqKDRbcwCKXy\n=bvDt\n-----END PGP SIGNATURE-----\n. Further\ninformation about these flaws can be found on the Oracle Java SE Critical\nPatch Update Advisory page, listed in the References section",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-1558"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002399"
},
{
"db": "BID",
"id": "59219"
},
{
"db": "VULMON",
"id": "CVE-2013-1558"
},
{
"db": "PACKETSTORM",
"id": "122278"
},
{
"db": "PACKETSTORM",
"id": "121320"
},
{
"db": "PACKETSTORM",
"id": "121321"
},
{
"db": "PACKETSTORM",
"id": "124943"
},
{
"db": "PACKETSTORM",
"id": "121538"
},
{
"db": "PACKETSTORM",
"id": "121630"
},
{
"db": "PACKETSTORM",
"id": "121327"
},
{
"db": "PACKETSTORM",
"id": "121351"
},
{
"db": "PACKETSTORM",
"id": "121352"
}
],
"trust": 2.79
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2013-1558",
"trust": 3.1
},
{
"db": "USCERT",
"id": "TA13-107A",
"trust": 1.9
},
{
"db": "BID",
"id": "59219",
"trust": 1.4
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002399",
"trust": 0.8
},
{
"db": "HITACHI",
"id": "HS13-010",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-17-213-02",
"trust": 0.3
},
{
"db": "VULMON",
"id": "CVE-2013-1558",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "122278",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "121320",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "121321",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "124943",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "121538",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "121630",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "121327",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "121351",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "121352",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2013-1558"
},
{
"db": "BID",
"id": "59219"
},
{
"db": "PACKETSTORM",
"id": "122278"
},
{
"db": "PACKETSTORM",
"id": "121320"
},
{
"db": "PACKETSTORM",
"id": "121321"
},
{
"db": "PACKETSTORM",
"id": "124943"
},
{
"db": "PACKETSTORM",
"id": "121538"
},
{
"db": "PACKETSTORM",
"id": "121630"
},
{
"db": "PACKETSTORM",
"id": "121327"
},
{
"db": "PACKETSTORM",
"id": "121351"
},
{
"db": "PACKETSTORM",
"id": "121352"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002399"
},
{
"db": "NVD",
"id": "CVE-2013-1558"
}
]
},
"id": "VAR-201304-0189",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 1.0
},
"last_update_date": "2026-04-10T23:24:53.092000Z",
"patch": {
"_id": null,
"data": [
{
"title": "APPLE-SA-2013-04-16-2",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2013/Apr/msg00001.html"
},
{
"title": "HT5734",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5734"
},
{
"title": "HT5734",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5734?viewlocale=ja_JP"
},
{
"title": "HS13-010",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-010/index.html"
},
{
"title": "HPSBUX02889 SSRT101252",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03809278"
},
{
"title": "Oracle Java SE Critical Patch Update Advisory - April 2013",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html"
},
{
"title": "Text Form of Oracle Java SE Critical Patch Update - April 2013 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013verbose-1928687.html"
},
{
"title": "RHSA-2013:0752",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2013-0752.html"
},
{
"title": "RHSA-2013:0758",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2013-0758.html"
},
{
"title": "RHSA-2013:0757",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2013-0757.html"
},
{
"title": "April 2013 Critical Patch Update for Java SE Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/april_2013_critical_patch_update1"
},
{
"title": "TLSA-2013-2",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2013/TLSA-2013-2j.html"
},
{
"title": "USN-1806-1",
"trust": 0.8,
"url": "http://www.ubuntu.com/usn/USN-1806-1"
},
{
"title": "HS13-010",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS13-010/index.html"
},
{
"title": "Oracle Corporation Java\u30d7\u30e9\u30b0\u30a4\u30f3\u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/oracle/20130417.html"
},
{
"title": "Red Hat: CVE-2013-1558",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2013-1558"
},
{
"title": "Red Hat: Important: java-1.6.0-openjdk security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20130770 - Security Advisory"
},
{
"title": "Red Hat: Critical: java-1.7.0-openjdk security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20130751 - Security Advisory"
},
{
"title": "Red Hat: Critical: java-1.6.0-sun security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20130758 - Security Advisory"
},
{
"title": "Red Hat: Important: java-1.7.0-openjdk security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20130752 - Security Advisory"
},
{
"title": "Red Hat: Critical: java-1.7.0-oracle security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20130757 - Security Advisory"
},
{
"title": "Ubuntu Security Notice: openjdk-6 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-1819-1"
},
{
"title": "Ubuntu Security Notice: openjdk-7 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-1806-1"
},
{
"title": "Amazon Linux AMI: ALAS-2013-185",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2013-185"
},
{
"title": "Amazon Linux AMI: ALAS-2013-183",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2013-183"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2013-1558"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002399"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-1558"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.0,
"url": "https://wiki.mageia.org/en/support/advisories/mgasa-2013-0130"
},
{
"trust": 1.9,
"url": "http://www.us-cert.gov/ncas/alerts/ta13-107a"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2013-0752.html"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2013-0758.html"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2013-0757.html"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/59219"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-1806-1"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=137283787217316\u0026w=2"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce/2013/apr/msg00001.html"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2013:161"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a19158"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a16543"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1558"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1569"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2424"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2422"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2420"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1558"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2383"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1557"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2384"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2419"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1537"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2417"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20130417-jre.html"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2013/at130021.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta13-107a/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-1558"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0401"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2430"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2429"
},
{
"trust": 0.6,
"url": "https://downloads.avaya.com/css/p8/documents/100172168"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1518"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1491"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2394"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1540"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1563"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1569.html"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2417.html"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2419.html"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0401.html"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2430.html"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1537.html"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2422.html"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2383.html"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1558.html"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1557.html"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2424.html"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2384.html"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/knowledge/articles/11258"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2429.html"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1488"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2423"
},
{
"trust": 0.5,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2420.html"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2415"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2418"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2432"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2426.html"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2436.html"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2415.html"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2421"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1518.html"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1488.html"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2426"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2423.html"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#oracle_april_16_2013_cpu"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/index.html"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21649510"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24034690"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24034225"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-213-02"
},
{
"trust": 0.3,
"url": "http://prod.lists.apple.com/archives/security-announce/2013/apr/msg00001.html"
},
{
"trust": 0.3,
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c03809278"
},
{
"trust": 0.3,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hs13-010/index.html"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001531"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21640206"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21637512"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21640420"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100172158"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21633170"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21640763"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21645096"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21645100"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21643544"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21649300"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644918"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21647384"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21643697"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642358"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=ssg1s1004513"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21643618"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21643513"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2440"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2435"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2433"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2436"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2431"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2421.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2431.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1540.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2435.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2394.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2432.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1491.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2418.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1563.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2433.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2440.html"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2439"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2434"
},
{
"trust": 0.2,
"url": "http://icedtea.classpath.org/hg/release/icedtea7-2.3/file/icedtea-2.3.9/news"
},
{
"trust": 0.2,
"url": "https://rhn.redhat.com/errata/rhsa-2013-0751.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2416.html"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2416"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2438.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2434.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2439.html"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2013-1558"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/1819-1/"
},
{
"trust": 0.1,
"url": "http://www.hp.com/java"
},
{
"trust": 0.1,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0507"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5870"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0503"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0419"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2469"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2443"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1717"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1716"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0505"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1518"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2419"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1558"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3829"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5818"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1541"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5829"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5804"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1485"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5889"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0449"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2440"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5806"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5087"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2422"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1540"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0385"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2427"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2437"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0445"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0500"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5075"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2468"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3743"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0422"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0501"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2426"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5893"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3159"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3174"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5084"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5888"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1711"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0437"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1541"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2461"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0373"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0351"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5789"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5820"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0504"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1682"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2470"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0547"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5899"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2451"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5801"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5823"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0423"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2459"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5832"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5848"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0428"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2460"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1713"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0415"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5784"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1719"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1533"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2400"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1564"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3143"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5830"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0448"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5800"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0438"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5810"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5905"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201401-30.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5904"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2456"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5803"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5831"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5086"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2452"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2383"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2447"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2423"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5778"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0422"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2445"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2450"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5780"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5073"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1493"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2446"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3744"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5854"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2394"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5069"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-5035"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0498"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1500"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5852"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5777"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0547"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5850"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0499"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2384"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0499"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1557"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0409"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1532"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2428"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2453"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0401"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5085"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2407"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2421"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4681"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2462"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0423"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2429"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5083"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0375"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2439"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5068"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2416"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3136"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0376"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5824"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3342"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5776"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5071"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1531"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0417"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0504"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1723"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0497"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5819"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0507"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1722"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5774"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5782"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5895"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2466"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1725"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5790"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5805"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0403"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5802"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0446"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1719"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5849"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-5035"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2448"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2418"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2458"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5788"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0416"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5825"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0506"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1484"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2430"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1473"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2415"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5887"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0418"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3216"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1718"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5772"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0410"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0368"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1717"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2425"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5074"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0500"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2454"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2444"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5072"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2436"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1722"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4416"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1537"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5902"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0387"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0502"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1716"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1533"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2449"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0503"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2457"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2438"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1721"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0382"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0169"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5812"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0809"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5077"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3213"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5846"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1718"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0497"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1723"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1726"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1571"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5775"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5787"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5081"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5898"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5840"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1531"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5851"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2465"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1481"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2431"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2433"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2473"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5844"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5906"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5783"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1711"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2463"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1532"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1561"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2412"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2435"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1491"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5809"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5910"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2420"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1487"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1713"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5907"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0501"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2417"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2471"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5896"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5843"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5067"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1682"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0498"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2414"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5076"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2467"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5842"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5079"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0411"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1721"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1569"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1724"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5797"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5070"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1479"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1486"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2434"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1488"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2464"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2472"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0502"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5878"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0505"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5817"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5814"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0408"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0402"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0506"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5838"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0430"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2455"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5088"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5089"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2431"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2426"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2421"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1569"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2420"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1488"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1518"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2419"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2384"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/"
},
{
"trust": 0.1,
"url": "http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2417"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0401"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2429"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/advisories/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2423"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1557"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2383"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1537"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2436"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2415"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2424"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2430"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2422"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0169"
},
{
"trust": 0.1,
"url": "https://www.ibm.com/developerworks/java/jdk/alerts/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0169.html"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2013-0822.html"
},
{
"trust": 0.1,
"url": "http://support.apple.com/kb/ht1222"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2437"
},
{
"trust": 0.1,
"url": "http://www.o"
},
{
"trust": 0.1,
"url": "http://gpgtools.org"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1564"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0402.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2427.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1561"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2414.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2425"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1561.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0402"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2428.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2414"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1564.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2425.html"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2013-1558"
},
{
"db": "BID",
"id": "59219"
},
{
"db": "PACKETSTORM",
"id": "122278"
},
{
"db": "PACKETSTORM",
"id": "121320"
},
{
"db": "PACKETSTORM",
"id": "121321"
},
{
"db": "PACKETSTORM",
"id": "124943"
},
{
"db": "PACKETSTORM",
"id": "121538"
},
{
"db": "PACKETSTORM",
"id": "121630"
},
{
"db": "PACKETSTORM",
"id": "121327"
},
{
"db": "PACKETSTORM",
"id": "121351"
},
{
"db": "PACKETSTORM",
"id": "121352"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002399"
},
{
"db": "NVD",
"id": "CVE-2013-1558"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULMON",
"id": "CVE-2013-1558",
"ident": null
},
{
"db": "BID",
"id": "59219",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "122278",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "121320",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "121321",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "124943",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "121538",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "121630",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "121327",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "121351",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "121352",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002399",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2013-1558",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2013-04-17T00:00:00",
"db": "VULMON",
"id": "CVE-2013-1558",
"ident": null
},
{
"date": "2013-04-16T00:00:00",
"db": "BID",
"id": "59219",
"ident": null
},
{
"date": "2013-07-03T19:19:05",
"db": "PACKETSTORM",
"id": "122278",
"ident": null
},
{
"date": "2013-04-17T23:59:43",
"db": "PACKETSTORM",
"id": "121320",
"ident": null
},
{
"date": "2013-04-18T00:00:20",
"db": "PACKETSTORM",
"id": "121321",
"ident": null
},
{
"date": "2014-01-27T18:30:13",
"db": "PACKETSTORM",
"id": "124943",
"ident": null
},
{
"date": "2013-05-06T19:22:00",
"db": "PACKETSTORM",
"id": "121538",
"ident": null
},
{
"date": "2013-05-14T20:49:18",
"db": "PACKETSTORM",
"id": "121630",
"ident": null
},
{
"date": "2013-04-17T17:22:22",
"db": "PACKETSTORM",
"id": "121327",
"ident": null
},
{
"date": "2013-04-19T06:13:57",
"db": "PACKETSTORM",
"id": "121351",
"ident": null
},
{
"date": "2013-04-19T06:14:53",
"db": "PACKETSTORM",
"id": "121352",
"ident": null
},
{
"date": "2013-04-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-002399",
"ident": null
},
{
"date": "2013-04-17T18:55:06.630000",
"db": "NVD",
"id": "CVE-2013-1558",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2017-09-19T00:00:00",
"db": "VULMON",
"id": "CVE-2013-1558",
"ident": null
},
{
"date": "2017-08-11T20:11:00",
"db": "BID",
"id": "59219",
"ident": null
},
{
"date": "2015-03-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-002399",
"ident": null
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2013-1558",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "network",
"sources": [
{
"db": "BID",
"id": "59219"
}
],
"trust": 0.3
},
"title": {
"_id": null,
"data": "Oracle Java SE of Java Runtime Environment In Beans Processing vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-002399"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "59219"
}
],
"trust": 0.3
}
}
VAR-201210-0267
Vulnerability from variot - Updated: 2026-04-10 23:24Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Concurrency. The vulnerability can be exploited over multiple protocols. This issue affects the 'Concurrency' sub-component. This vulnerability affects the following supported versions: 7 Update 7, 6 Update 35, 5.0 Update 36. In a typical operating environment, these are of low security risk as the runtime is not used on untrusted applets. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201406-32
http://security.gentoo.org/
Severity: High Title: IcedTea JDK: Multiple vulnerabilities Date: June 29, 2014 Bugs: #312297, #330205, #340819, #346799, #352035, #353418, #354231, #355127, #370787, #387637, #404095, #421031, #429522, #433389, #438750, #442478, #457206, #458410, #461714, #466822, #477210, #489570, #508270 ID: 201406-32
Synopsis
Multiple vulnerabilities have been found in the IcedTea JDK, the worst of which could lead to arbitrary code execution.
Background
IcedTea is a distribution of the Java OpenJDK source code built with free build tools.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-java/icedtea-bin < 6.1.13.3 >= 6.1.13.3
Description
Multiple vulnerabilities have been discovered in the IcedTea JDK. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, obtain sensitive information, bypass intended security policies, or have other unspecified impact.
Workaround
There is no known workaround at this time.
Resolution
All IcedTea JDK users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-java/icedtea-bin-6.1.13.3"
References
[ 1 ] CVE-2009-3555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3555 [ 2 ] CVE-2010-2548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2548 [ 3 ] CVE-2010-2783 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2783 [ 4 ] CVE-2010-3541 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3541 [ 5 ] CVE-2010-3548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3548 [ 6 ] CVE-2010-3549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3549 [ 7 ] CVE-2010-3551 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3551 [ 8 ] CVE-2010-3553 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3553 [ 9 ] CVE-2010-3554 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3554 [ 10 ] CVE-2010-3557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3557 [ 11 ] CVE-2010-3561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3561 [ 12 ] CVE-2010-3562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3562 [ 13 ] CVE-2010-3564 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3564 [ 14 ] CVE-2010-3565 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3565 [ 15 ] CVE-2010-3566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3566 [ 16 ] CVE-2010-3567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3567 [ 17 ] CVE-2010-3568 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3568 [ 18 ] CVE-2010-3569 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3569 [ 19 ] CVE-2010-3573 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3573 [ 20 ] CVE-2010-3574 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3574 [ 21 ] CVE-2010-3860 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3860 [ 22 ] CVE-2010-4351 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4351 [ 23 ] CVE-2010-4448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4448 [ 24 ] CVE-2010-4450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4450 [ 25 ] CVE-2010-4465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4465 [ 26 ] CVE-2010-4467 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4467 [ 27 ] CVE-2010-4469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4469 [ 28 ] CVE-2010-4470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4470 [ 29 ] CVE-2010-4471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4471 [ 30 ] CVE-2010-4472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4472 [ 31 ] CVE-2010-4476 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4476 [ 32 ] CVE-2011-0025 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0025 [ 33 ] CVE-2011-0706 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0706 [ 34 ] CVE-2011-0815 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0815 [ 35 ] CVE-2011-0822 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0822 [ 36 ] CVE-2011-0862 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0862 [ 37 ] CVE-2011-0864 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0864 [ 38 ] CVE-2011-0865 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0865 [ 39 ] CVE-2011-0868 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0868 [ 40 ] CVE-2011-0869 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0869 [ 41 ] CVE-2011-0870 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0870 [ 42 ] CVE-2011-0871 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0871 [ 43 ] CVE-2011-0872 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0872 [ 44 ] CVE-2011-3389 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3389 [ 45 ] CVE-2011-3521 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3521 [ 46 ] CVE-2011-3544 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3544 [ 47 ] CVE-2011-3547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3547 [ 48 ] CVE-2011-3548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3548 [ 49 ] CVE-2011-3551 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3551 [ 50 ] CVE-2011-3552 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3552 [ 51 ] CVE-2011-3553 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3553 [ 52 ] CVE-2011-3554 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3554 [ 53 ] CVE-2011-3556 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3556 [ 54 ] CVE-2011-3557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3557 [ 55 ] CVE-2011-3558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3558 [ 56 ] CVE-2011-3560 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3560 [ 57 ] CVE-2011-3563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563 [ 58 ] CVE-2011-3571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3571 [ 59 ] CVE-2011-5035 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035 [ 60 ] CVE-2012-0497 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497 [ 61 ] CVE-2012-0501 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501 [ 62 ] CVE-2012-0502 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502 [ 63 ] CVE-2012-0503 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503 [ 64 ] CVE-2012-0505 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505 [ 65 ] CVE-2012-0506 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506 [ 66 ] CVE-2012-0547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547 [ 67 ] CVE-2012-1711 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711 [ 68 ] CVE-2012-1713 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713 [ 69 ] CVE-2012-1716 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716 [ 70 ] CVE-2012-1717 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717 [ 71 ] CVE-2012-1718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718 [ 72 ] CVE-2012-1719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719 [ 73 ] CVE-2012-1723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723 [ 74 ] CVE-2012-1724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724 [ 75 ] CVE-2012-1725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725 [ 76 ] CVE-2012-1726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726 [ 77 ] CVE-2012-3216 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216 [ 78 ] CVE-2012-3422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3422 [ 79 ] CVE-2012-3423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3423 [ 80 ] CVE-2012-4416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416 [ 81 ] CVE-2012-4540 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4540 [ 82 ] CVE-2012-5068 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068 [ 83 ] CVE-2012-5069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069 [ 84 ] CVE-2012-5070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070 [ 85 ] CVE-2012-5071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071 [ 86 ] CVE-2012-5072 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072 [ 87 ] CVE-2012-5073 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073 [ 88 ] CVE-2012-5074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074 [ 89 ] CVE-2012-5075 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075 [ 90 ] CVE-2012-5076 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076 [ 91 ] CVE-2012-5077 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077 [ 92 ] CVE-2012-5081 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081 [ 93 ] CVE-2012-5084 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084 [ 94 ] CVE-2012-5085 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085 [ 95 ] CVE-2012-5086 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086 [ 96 ] CVE-2012-5087 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087 [ 97 ] CVE-2012-5089 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089 [ 98 ] CVE-2012-5979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5979 [ 99 ] CVE-2013-0169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169 [ 100 ] CVE-2013-0401 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401 [ 101 ] CVE-2013-0424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0424 [ 102 ] CVE-2013-0425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0425 [ 103 ] CVE-2013-0426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0426 [ 104 ] CVE-2013-0427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0427 [ 105 ] CVE-2013-0428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0428 [ 106 ] CVE-2013-0429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0429 [ 107 ] CVE-2013-0431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0431 [ 108 ] CVE-2013-0432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0432 [ 109 ] CVE-2013-0433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0433 [ 110 ] CVE-2013-0434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0434 [ 111 ] CVE-2013-0435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0435 [ 112 ] CVE-2013-0440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0440 [ 113 ] CVE-2013-0441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0441 [ 114 ] CVE-2013-0442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0442 [ 115 ] CVE-2013-0443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0443 [ 116 ] CVE-2013-0444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0444 [ 117 ] CVE-2013-0450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0450 [ 118 ] CVE-2013-0809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809 [ 119 ] CVE-2013-1475 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1475 [ 120 ] CVE-2013-1476 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1476 [ 121 ] CVE-2013-1478 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1478 [ 122 ] CVE-2013-1480 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1480 [ 123 ] CVE-2013-1484 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484 [ 124 ] CVE-2013-1485 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485 [ 125 ] CVE-2013-1486 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486 [ 126 ] CVE-2013-1488 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488 [ 127 ] CVE-2013-1493 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493 [ 128 ] CVE-2013-1500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500 [ 129 ] CVE-2013-1518 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518 [ 130 ] CVE-2013-1537 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537 [ 131 ] CVE-2013-1557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557 [ 132 ] CVE-2013-1569 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569 [ 133 ] CVE-2013-1571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571 [ 134 ] CVE-2013-2383 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383 [ 135 ] CVE-2013-2384 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384 [ 136 ] CVE-2013-2407 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407 [ 137 ] CVE-2013-2412 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412 [ 138 ] CVE-2013-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415 [ 139 ] CVE-2013-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417 [ 140 ] CVE-2013-2419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419 [ 141 ] CVE-2013-2420 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420 [ 142 ] CVE-2013-2421 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421 [ 143 ] CVE-2013-2422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422 [ 144 ] CVE-2013-2423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423 [ 145 ] CVE-2013-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424 [ 146 ] CVE-2013-2426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426 [ 147 ] CVE-2013-2429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429 [ 148 ] CVE-2013-2430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430 [ 149 ] CVE-2013-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431 [ 150 ] CVE-2013-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436 [ 151 ] CVE-2013-2443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443 [ 152 ] CVE-2013-2444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444 [ 153 ] CVE-2013-2445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445 [ 154 ] CVE-2013-2446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446 [ 155 ] CVE-2013-2447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447 [ 156 ] CVE-2013-2448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448 [ 157 ] CVE-2013-2449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449 [ 158 ] CVE-2013-2450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450 [ 159 ] CVE-2013-2451 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451 [ 160 ] CVE-2013-2452 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452 [ 161 ] CVE-2013-2453 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453 [ 162 ] CVE-2013-2454 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454 [ 163 ] CVE-2013-2455 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455 [ 164 ] CVE-2013-2456 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456 [ 165 ] CVE-2013-2457 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457 [ 166 ] CVE-2013-2458 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458 [ 167 ] CVE-2013-2459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459 [ 168 ] CVE-2013-2460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460 [ 169 ] CVE-2013-2461 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461 [ 170 ] CVE-2013-2463 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463 [ 171 ] CVE-2013-2465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465 [ 172 ] CVE-2013-2469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469 [ 173 ] CVE-2013-2470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470 [ 174 ] CVE-2013-2471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471 [ 175 ] CVE-2013-2472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472 [ 176 ] CVE-2013-2473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473 [ 177 ] CVE-2013-3829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829 [ 178 ] CVE-2013-4002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4002 [ 179 ] CVE-2013-5772 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772 [ 180 ] CVE-2013-5774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774 [ 181 ] CVE-2013-5778 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778 [ 182 ] CVE-2013-5780 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780 [ 183 ] CVE-2013-5782 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782 [ 184 ] CVE-2013-5783 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783 [ 185 ] CVE-2013-5784 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784 [ 186 ] CVE-2013-5790 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790 [ 187 ] CVE-2013-5797 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797 [ 188 ] CVE-2013-5800 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800 [ 189 ] CVE-2013-5802 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802 [ 190 ] CVE-2013-5803 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803 [ 191 ] CVE-2013-5804 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804 [ 192 ] CVE-2013-5805 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805 [ 193 ] CVE-2013-5806 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806 [ 194 ] CVE-2013-5809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809 [ 195 ] CVE-2013-5814 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814 [ 196 ] CVE-2013-5817 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817 [ 197 ] CVE-2013-5820 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820 [ 198 ] CVE-2013-5823 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823 [ 199 ] CVE-2013-5825 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825 [ 200 ] CVE-2013-5829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829 [ 201 ] CVE-2013-5830 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830 [ 202 ] CVE-2013-5840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840 [ 203 ] CVE-2013-5842 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842 [ 204 ] CVE-2013-5849 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849 [ 205 ] CVE-2013-5850 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850 [ 206 ] CVE-2013-5851 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851 [ 207 ] CVE-2013-6629 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6629 [ 208 ] CVE-2013-6954 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6954 [ 209 ] CVE-2014-0429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0429 [ 210 ] CVE-2014-0446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0446 [ 211 ] CVE-2014-0451 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0451 [ 212 ] CVE-2014-0452 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0452 [ 213 ] CVE-2014-0453 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0453 [ 214 ] CVE-2014-0456 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0456 [ 215 ] CVE-2014-0457 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0457 [ 216 ] CVE-2014-0458 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0458 [ 217 ] CVE-2014-0459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0459 [ 218 ] CVE-2014-0460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0460 [ 219 ] CVE-2014-0461 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0461 [ 220 ] CVE-2014-1876 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1876 [ 221 ] CVE-2014-2397 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2397 [ 222 ] CVE-2014-2398 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2398 [ 223 ] CVE-2014-2403 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2403 [ 224 ] CVE-2014-2412 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2412 [ 225 ] CVE-2014-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2414 [ 226 ] CVE-2014-2421 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2421 [ 227 ] CVE-2014-2423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2423 [ 228 ] CVE-2014-2427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2427
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201406-32.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Mandriva Linux Security Advisory MDVSA-2012:169 http://www.mandriva.com/security/
Package : java-1.6.0-openjdk Date : November 1, 2012 Affected: 2011., Enterprise Server 5.0
Problem Description:
Multiple security issues were identified and fixed in OpenJDK (icedtea6):
- S6631398, CVE-2012-3216: FilePermission improved path checking
- S7093490: adjust package access in rmiregistry
- S7143535, CVE-2012-5068: ScriptEngine corrected permissions
- S7167656, CVE-2012-5077: Multiple Seeders are being created
- S7169884, CVE-2012-5073: LogManager checks do not work correctly for sub-types
- S7169888, CVE-2012-5075: Narrowing resource definitions in JMX RMI connector
- S7172522, CVE-2012-5072: Improve DomainCombiner checking
- S7186286, CVE-2012-5081: TLS implementation to better adhere to RFC
- S7189103, CVE-2012-5069: Executors needs to maintain state
- S7189490: More improvements to DomainCombiner checking
- S7189567, CVE-2012-5085: java net obselete protocol
- S7192975, CVE-2012-5071: Conditional usage check is wrong
- S7195194, CVE-2012-5084: Better data validation for Swing
- S7195917, CVE-2012-5086: XMLDecoder parsing at close-time should be improved
- S7195919, CVE-2012-5979: (sl) ServiceLoader can throw CCE without needing to create instance
- S7198296, CVE-2012-5089: Refactor classloader usage
- S7158800: Improve storage of symbol tables
- S7158801: Improve VM CompileOnly option
- S7158804: Improve config file parsing
- S7176337: Additional changes needed for 7158801 fix
- S7198606, CVE-2012-4416: Improve VM optimization
The updated packages provides icedtea6-1.11.5 which is not vulnerable to these issues. The verification of md5 checksums and GPG signatures is performed automatically for you. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)
iD8DBQFQklqImqjQ0CJFipgRAiNOAJ4qA9L2NTdql1htD7pQDNJrDlPnUgCguupW xu3AOptE+B1OsUdPAeTUH5o= =2CFK -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c03595351
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c03595351 Version: 1
HPSBUX02832 SSRT101042 rev.1 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2012-12-12 Last Updated: 2012-12-12
Potential Security Impact: Remote unauthorized access, disclosure of information, and other vulnerabilities
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other exploits. HP-UX B.11.11, B.11.23, and B.11.31 running HP JDK and JRE v7.0.03, v6.0.16 and v5.0.26 and earlier
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2012-1531 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-1532 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-1533 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-3143 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-3159 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2012-3216 (AV:N/AC:H/Au:N/C:P/I:N/A:N) 2.6 CVE-2012-4416 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2012-5068 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2012-5069 (AV:N/AC:M/Au:N/C:P/I:P/A:N) 5.8 CVE-2012-5071 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2012-5072 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2012-5073 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2012-5075 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2012-5077 (AV:N/AC:H/Au:N/C:P/I:N/A:N) 2.6 CVE-2012-5079 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2012-5081 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2012-5083 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-5084 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2012-5085 (AV:N/AC:M/Au:S/C:N/I:N/A:N) 0.0 CVE-2012-5086 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-5087 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-5089 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
NOTE: The following apply to both v7.0.03 and v6.0.16 and earlier: CVE-2012-1531, CVE-2012-1532, CVE-2012-1533, CVE-2012-3143, CVE-2012-3159, CVE-2012-3216, CVE-2012-4416, CVE-2012-5068, CVE-2012-5069, CVE-2012-5071, CVE-2012-5072, CVE-2012-5073, CVE-2012-5075, CVE-2012-5077, CVE-2012-5079, CVE-2012-5081, CVE-2012-5083, CVE-2012-5084, CVE-2012-5085, CVE-2012-5086, CVE-2012-5087, CVE-2012-5089
NOTE: The following apply to v5.0.26 and earlier: CVE-2012-1531, CVE-2012-3143, CVE-2012-3216, CVE-2012-5069, CVE-2012-5071, CVE-2012-5073, CVE-2012-5075, CVE-2012-5077, CVE-2012-5079, CVE-2012-5081, CVE-2012-5083, CVE-2012-5084, CVE-2012-5085, CVE-2012-5089
RESOLUTION
HP has provided the following Java version upgrade to resolve these vulnerabilities. The upgrade is available from the following location
http://www.hp.com/java
HP-UX B.11.23, B.11.31 JDK and JRE v7.0.04 or subsequent
HP-UX B.11.11, B.11.23, B.11.31 JDK and JRE v6.0.17 or subsequent
HP-UX B.11.11, B.11.23, B.11.31 JDK and JRE v5.0.27 or subsequent
MANUAL ACTIONS: Yes - Update For Java v7.0 update to Java v7.0.04 or subsequent For Java v6.0 update to Java v6.0.17 or subsequent For Java v5.0 update to Java v5.0.27 or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
HP-UX B.11.23 HP-UX B.11.31 =========== Jdk70.JDK70-COM Jdk70.JDK70-DEMO Jdk70.JDK70-IPF32 Jdk70.JDK70-IPF64 Jre70.JRE70-COM Jre70.JRE70-IPF32 Jre70.JRE70-IPF32-HS Jre70.JRE70-IPF64 Jre70.JRE70-IPF64-HS action: install revision 1.7.0.04.00 or subsequent
HP-UX B.11.23 HP-UX B.11.31 =========== Jdk60.JDK60-COM Jdk60.JDK60-DEMO Jdk60.JDK60-IPF32 Jdk60.JDK60-IPF64 Jre60.JRE60-COM Jre60.JRE60-IPF32 Jre60.JRE60-IPF32-HS Jre60.JRE60-IPF64 Jre60.JRE60-IPF64-HS action: install revision 1.6.0.17.00 or subsequent
HP-UX B.11.23 HP-UX B.11.31 =========== Jdk15.JDK15-COM Jdk15.JDK15-DEMO Jdk15.JDK15-IPF32 Jdk15.JDK15-IPF64 Jre15.JRE15-COM Jre15.JRE15-COM-DOC Jre15.JRE15-IPF32 Jre15.JRE15-IPF32-HS Jre15.JRE15-IPF64 Jre15.JRE15-IPF64-HS action: install revision 1.5.0.27.00 or subsequent
HP-UX B.11.11 HP-UX B.11.23 =========== Jdk60.JDK60-COM Jdk60.JDK60-DEMO Jdk60.JDK60-PA20 Jdk60.JDK60-PA20W Jre60.JRE60-COM Jre60.JRE60-COM-DOC Jre60.JRE60-PA20 Jre60.JRE60-PA20-HS Jre60.JRE60-PA20W Jre60.JRE60-PA20W-HS action: install revision 1.6.0.17.00 or subsequent
HP-UX B.11.11 HP-UX B.11.23 =========== Jdk15.JDK15-COM Jdk15.JDK15-DEMO Jdk15.JDK15-PA20 Jdk15.JDK15-PA20W Jre15.JRE15-COM Jre15.JRE15-COM-DOC Jre15.JRE15-PA20 Jre15.JRE15-PA20-HS Jre15.JRE15-PA20W Jre15.JRE15-PA20W-HS action: install revision 1.5.0.27.00 or subsequent
END AFFECTED VERSIONS
HISTORY Version:1 (rev.1) - 12 December 2012 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c02964430
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2012 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: java-1.5.0-ibm security update Advisory ID: RHSA-2012:1465-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1465.html Issue date: 2012-11-15 CVE Names: CVE-2012-1531 CVE-2012-3143 CVE-2012-3216 CVE-2012-4820 CVE-2012-4822 CVE-2012-5069 CVE-2012-5071 CVE-2012-5073 CVE-2012-5075 CVE-2012-5079 CVE-2012-5081 CVE-2012-5083 CVE-2012-5084 CVE-2012-5089 =====================================================================
- Summary:
Updated java-1.5.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, ppc, s390x, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
IBM J2SE version 5.0 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security alerts page, listed in the References section. (CVE-2012-1531, CVE-2012-3143, CVE-2012-3216, CVE-2012-4820, CVE-2012-4822, CVE-2012-5069, CVE-2012-5071, CVE-2012-5073, CVE-2012-5075, CVE-2012-5079, CVE-2012-5081, CVE-2012-5083, CVE-2012-5084, CVE-2012-5089)
All users of java-1.5.0-ibm are advised to upgrade to these updated packages, containing the IBM J2SE 5.0 SR15 release. All running instances of IBM Java must be restarted for this update to take effect.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258
- Bugs fixed (http://bugzilla.redhat.com/):
865346 - CVE-2012-3216 OpenJDK: java.io.FilePermission information leak (Libraries, 6631398) 865357 - CVE-2012-5073 OpenJDK: LogManager security bypass (Libraries, 7169884) 865363 - CVE-2012-5075 OpenJDK: RMIConnectionImpl information disclosure (JMX, 7169888) 865370 - CVE-2012-5081 OpenJDK: JSSE denial of service (JSSE, 7186286) 865511 - CVE-2012-5084 OpenJDK: DefaultFormatter insufficient data validation (Swing, 7195194) 865514 - CVE-2012-5089 OpenJDK: RMIConnectionImpl insufficient access control checks (JMX, 7198296) 865519 - CVE-2012-5071 OpenJDK: DescriptorSupport insufficient package access checks (JMX, 7192975) 865531 - CVE-2012-5069 OpenJDK: Executors state handling issues (Concurrency, 7189103) 865568 - CVE-2012-5079 OpenJDK: ServiceLoader reject not subtype classes without instantiating (Libraries, 7195919) 867185 - CVE-2012-1531 Oracle JDK: unspecified vulnerability (2D) 867189 - CVE-2012-3143 Oracle JDK: unspecified vulnerability (JMX) 867193 - CVE-2012-5083 Oracle JDK: unspecified vulnerability (2D) 876386 - CVE-2012-4820 IBM JDK: java.lang.reflect.Method invoke() code execution 876388 - CVE-2012-4822 IBM JDK: java.lang.class code execution
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: java-1.5.0-ibm-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-accessibility-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-jdbc-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-plugin-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el5_8.i386.rpm
x86_64: java-1.5.0-ibm-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-1.5.0.15.0-1jpp.1.el5_8.x86_64.rpm java-1.5.0-ibm-accessibility-1.5.0.15.0-1jpp.1.el5_8.x86_64.rpm java-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el5_8.x86_64.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el5_8.x86_64.rpm java-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el5_8.x86_64.rpm java-1.5.0-ibm-jdbc-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-plugin-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el5_8.x86_64.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: java-1.5.0-ibm-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-accessibility-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-jdbc-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-plugin-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el5_8.i386.rpm
ppc: java-1.5.0-ibm-1.5.0.15.0-1jpp.1.el5_8.ppc.rpm java-1.5.0-ibm-1.5.0.15.0-1jpp.1.el5_8.ppc64.rpm java-1.5.0-ibm-accessibility-1.5.0.15.0-1jpp.1.el5_8.ppc.rpm java-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el5_8.ppc.rpm java-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el5_8.ppc64.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el5_8.ppc.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el5_8.ppc64.rpm java-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el5_8.ppc.rpm java-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el5_8.ppc64.rpm java-1.5.0-ibm-jdbc-1.5.0.15.0-1jpp.1.el5_8.ppc.rpm java-1.5.0-ibm-plugin-1.5.0.15.0-1jpp.1.el5_8.ppc.rpm java-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el5_8.ppc.rpm java-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el5_8.ppc64.rpm
s390x: java-1.5.0-ibm-1.5.0.15.0-1jpp.1.el5_8.s390.rpm java-1.5.0-ibm-1.5.0.15.0-1jpp.1.el5_8.s390x.rpm java-1.5.0-ibm-accessibility-1.5.0.15.0-1jpp.1.el5_8.s390x.rpm java-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el5_8.s390.rpm java-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el5_8.s390x.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el5_8.s390.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el5_8.s390x.rpm java-1.5.0-ibm-jdbc-1.5.0.15.0-1jpp.1.el5_8.s390.rpm java-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el5_8.s390.rpm java-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el5_8.s390x.rpm
x86_64: java-1.5.0-ibm-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-1.5.0.15.0-1jpp.1.el5_8.x86_64.rpm java-1.5.0-ibm-accessibility-1.5.0.15.0-1jpp.1.el5_8.x86_64.rpm java-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el5_8.x86_64.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el5_8.x86_64.rpm java-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el5_8.x86_64.rpm java-1.5.0-ibm-jdbc-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-plugin-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el5_8.i386.rpm java-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el5_8.x86_64.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: java-1.5.0-ibm-1.5.0.15.0-1jpp.1.el6_3.i686.rpm java-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el6_3.i686.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el6_3.i686.rpm java-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el6_3.i686.rpm java-1.5.0-ibm-jdbc-1.5.0.15.0-1jpp.1.el6_3.i686.rpm java-1.5.0-ibm-plugin-1.5.0.15.0-1jpp.1.el6_3.i686.rpm java-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el6_3.i686.rpm
x86_64: java-1.5.0-ibm-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm java-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el6_3.i686.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm java-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm java-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm
Red Hat Enterprise Linux HPC Node Supplementary (v. 6):
x86_64: java-1.5.0-ibm-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm java-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el6_3.i686.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm java-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm java-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: java-1.5.0-ibm-1.5.0.15.0-1jpp.1.el6_3.i686.rpm java-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el6_3.i686.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el6_3.i686.rpm java-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el6_3.i686.rpm java-1.5.0-ibm-jdbc-1.5.0.15.0-1jpp.1.el6_3.i686.rpm java-1.5.0-ibm-plugin-1.5.0.15.0-1jpp.1.el6_3.i686.rpm java-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el6_3.i686.rpm
ppc64: java-1.5.0-ibm-1.5.0.15.0-1jpp.1.el6_3.ppc64.rpm java-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el6_3.ppc64.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el6_3.ppc.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el6_3.ppc64.rpm java-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el6_3.ppc64.rpm java-1.5.0-ibm-jdbc-1.5.0.15.0-1jpp.1.el6_3.ppc.rpm java-1.5.0-ibm-plugin-1.5.0.15.0-1jpp.1.el6_3.ppc.rpm java-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el6_3.ppc64.rpm
s390x: java-1.5.0-ibm-1.5.0.15.0-1jpp.1.el6_3.s390x.rpm java-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el6_3.s390x.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el6_3.s390.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el6_3.s390x.rpm java-1.5.0-ibm-jdbc-1.5.0.15.0-1jpp.1.el6_3.s390.rpm java-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el6_3.s390x.rpm
x86_64: java-1.5.0-ibm-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm java-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el6_3.i686.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm java-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm java-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: java-1.5.0-ibm-1.5.0.15.0-1jpp.1.el6_3.i686.rpm java-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el6_3.i686.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el6_3.i686.rpm java-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el6_3.i686.rpm java-1.5.0-ibm-jdbc-1.5.0.15.0-1jpp.1.el6_3.i686.rpm java-1.5.0-ibm-plugin-1.5.0.15.0-1jpp.1.el6_3.i686.rpm java-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el6_3.i686.rpm
x86_64: java-1.5.0-ibm-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm java-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el6_3.i686.rpm java-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm java-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm java-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2012-1531.html https://www.redhat.com/security/data/cve/CVE-2012-3143.html https://www.redhat.com/security/data/cve/CVE-2012-3216.html https://www.redhat.com/security/data/cve/CVE-2012-4820.html https://www.redhat.com/security/data/cve/CVE-2012-4822.html https://www.redhat.com/security/data/cve/CVE-2012-5069.html https://www.redhat.com/security/data/cve/CVE-2012-5071.html https://www.redhat.com/security/data/cve/CVE-2012-5073.html https://www.redhat.com/security/data/cve/CVE-2012-5075.html https://www.redhat.com/security/data/cve/CVE-2012-5079.html https://www.redhat.com/security/data/cve/CVE-2012-5081.html https://www.redhat.com/security/data/cve/CVE-2012-5083.html https://www.redhat.com/security/data/cve/CVE-2012-5084.html https://www.redhat.com/security/data/cve/CVE-2012-5089.html https://access.redhat.com/security/updates/classification/#critical https://www.ibm.com/developerworks/java/jdk/alerts/
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFQpV27XlSAg2UNWIIRAtdyAJ950SF43om961RrbDO+l6pKLsNVkQCfZToe RVwkoTHhFv4aMj/Tm3SjYjw= =XKVH -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.6.0.200"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.6.0"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1.6.0"
},
{
"_id": null,
"model": "jdk",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "jdk",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1.5.0"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.6.0"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.6.0.210"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.6.0"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.6.0"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1.5.0"
},
{
"_id": null,
"model": "jdk",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1.6.0"
},
{
"_id": null,
"model": "jre 17",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 22",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 18",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 16",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 15",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.7"
},
{
"_id": null,
"model": "jre 1.6.0 21",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 19",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 18",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 15",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 14",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 11",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 03",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 02",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 01",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 35",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 33",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 32",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 31",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 30",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 29",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 28",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 27",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 26",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 25",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 23",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 20",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 17",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 14",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 13",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 12",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 11",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 10",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 17",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 0 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 22",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 18",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 17",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 15",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk .0 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 1.6.0 21",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 20",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 19",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 18",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 15",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 03",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 02",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 35",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 33",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 32",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 31",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 30",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 29",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 28",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 27",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 26",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 25",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 24",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 23",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 20",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 16",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 13",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 7",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 4",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 2",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 35",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 32",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 30",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 28",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 27",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 26",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 25",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 24",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 23",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 22",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 36",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 0.9,
"vendor": "oracle",
"version": "1.7"
},
{
"_id": null,
"model": "jdk 1.7.0 7",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 4",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 2",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 35",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 32",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 30",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 28",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 27",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 26",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 25",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 24",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 23",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 22",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 36",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6.8"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.7 and later"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.8 and later"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6.8"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.7 and later"
},
{
"_id": null,
"model": "jdk",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "5.0 update 36"
},
{
"_id": null,
"model": "jdk",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "6 update 35"
},
{
"_id": null,
"model": "jdk",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7 update 7"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "5.0 update 36"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "6 update 35"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7 update 7"
},
{
"_id": null,
"model": "cosminexus application server enterprise",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"_id": null,
"model": "cosminexus application server standard",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"_id": null,
"model": "cosminexus application server version 5",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus client",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"_id": null,
"model": "cosminexus developer light version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus developer professional version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus developer standard version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus developer version 5",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus developer\u0027s kit for java",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus primary server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "base"
},
{
"_id": null,
"model": "cosminexus server - standard edition version 4",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus server - web edition version 4",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus studio",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- standard edition version 4"
},
{
"_id": null,
"model": "cosminexus studio",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- web edition version 4"
},
{
"_id": null,
"model": "cosminexus studio",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 5"
},
{
"_id": null,
"model": "hirdb for java /xml",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "developer\u0027s kit for java",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "processing kit for xml",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "-r"
},
{
"_id": null,
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "express"
},
{
"_id": null,
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "light"
},
{
"_id": null,
"model": "ucosminexus application server enterprise",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server smart edition",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"_id": null,
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "-r"
},
{
"_id": null,
"model": "ucosminexus client",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"_id": null,
"model": "ucosminexus client",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "for plug-in"
},
{
"_id": null,
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "01"
},
{
"_id": null,
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional"
},
{
"_id": null,
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional for plug-in"
},
{
"_id": null,
"model": "ucosminexus developer light",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus developer standard",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus operator",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus portal framework",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "entry set"
},
{
"_id": null,
"model": "ucosminexus primary server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "base"
},
{
"_id": null,
"model": "ucosminexus server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "standard-r"
},
{
"_id": null,
"model": "ucosminexus service architect",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"_id": null,
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- messaging"
},
{
"_id": null,
"model": "jre 1.6.0 20",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 2",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0.0 09",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0.0 08",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0.0 07",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk .0 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk .0 03",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 1.6.0 01",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 12",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0.0 12",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0.0 11",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0.0 09",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0.0 08",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 01-b06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 11-b03",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 07-b03",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "freeflow print server 73.c0.41",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"_id": null,
"model": "freeflow print server 73.b3.61",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"_id": null,
"model": "virtualcenter",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5"
},
{
"_id": null,
"model": "vcenter update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.1"
},
{
"_id": null,
"model": "vcenter update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0"
},
{
"_id": null,
"model": "vcenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0"
},
{
"_id": null,
"model": "vcenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.1"
},
{
"_id": null,
"model": "vcenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.0"
},
{
"_id": null,
"model": "esx",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.1"
},
{
"_id": null,
"model": "esx",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.0"
},
{
"_id": null,
"model": "esx",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.5"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.10"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.10"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.10"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.10"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "linux enterprise software development kit sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "linux enterprise server for vmware sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "linux enterprise server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "linux enterprise server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "linux enterprise java sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "linux enterprise java sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "linux enterprise desktop sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "jre 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre beta",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "jre 1.5.0 09",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 08",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 01-b06",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 11-b03",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 07-b03",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0.0 06",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 0 09",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 0 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 1.5.0 11",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 1.5.0.0 04",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0.0 03",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "trio tview software",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "3.27.0"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "12.2"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "12.1"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.4"
},
{
"_id": null,
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6)5.5"
},
{
"_id": null,
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5)5.5"
},
{
"_id": null,
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux workstation optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux server optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux hpc node supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux hpc node optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "enterprise linux desktop optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"_id": null,
"model": "openjdk",
"scope": "eq",
"trust": 0.3,
"vendor": "openjdk",
"version": "7"
},
{
"_id": null,
"model": "openjdk",
"scope": "eq",
"trust": 0.3,
"vendor": "openjdk",
"version": "6"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2011"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2011"
},
{
"_id": null,
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"_id": null,
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"_id": null,
"model": "icedtea",
"scope": "eq",
"trust": 0.3,
"vendor": "icedtea",
"version": "2.3.2"
},
{
"_id": null,
"model": "icedtea",
"scope": "eq",
"trust": 0.3,
"vendor": "icedtea",
"version": "2.2.2"
},
{
"_id": null,
"model": "icedtea",
"scope": "eq",
"trust": 0.3,
"vendor": "icedtea",
"version": "2.1.2"
},
{
"_id": null,
"model": "icedtea",
"scope": "eq",
"trust": 0.3,
"vendor": "icedtea",
"version": "1.11.4"
},
{
"_id": null,
"model": "icedtea",
"scope": "eq",
"trust": 0.3,
"vendor": "icedtea",
"version": "1.10.9"
},
{
"_id": null,
"model": "websphere operational decision management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"_id": null,
"model": "websphere operational decision management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.0"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.3"
},
{
"_id": null,
"model": "websphere message broker",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"_id": null,
"model": "websphere message broker",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "websphere message broker",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.5"
},
{
"_id": null,
"model": "websphere message broker",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.4"
},
{
"_id": null,
"model": "websphere message broker",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.3"
},
{
"_id": null,
"model": "websphere message broker",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.1"
},
{
"_id": null,
"model": "websphere message broker",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0"
},
{
"_id": null,
"model": "websphere message broker",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "websphere message broker",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.2"
},
{
"_id": null,
"model": "websphere ilog jrules",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"_id": null,
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "tivoli monitoring",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.3"
},
{
"_id": null,
"model": "tivoli monitoring",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.2"
},
{
"_id": null,
"model": "tivoli monitoring",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.1"
},
{
"_id": null,
"model": "tivoli monitoring",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2"
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.13"
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.12"
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.11"
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "rational system architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.4.2.1"
},
{
"_id": null,
"model": "rational synergy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.6"
},
{
"_id": null,
"model": "rational service tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3"
},
{
"_id": null,
"model": "rational host on-demand",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0"
},
{
"_id": null,
"model": "rational host on-demand",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0.6.1"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "rational build forge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.35"
},
{
"_id": null,
"model": "rational build forge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.34"
},
{
"_id": null,
"model": "rational build forge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.33"
},
{
"_id": null,
"model": "rational build forge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.32"
},
{
"_id": null,
"model": "rational build forge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.31"
},
{
"_id": null,
"model": "rational build forge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3"
},
{
"_id": null,
"model": "rational build forge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.23"
},
{
"_id": null,
"model": "rational build forge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.22"
},
{
"_id": null,
"model": "rational build forge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.21"
},
{
"_id": null,
"model": "rational build forge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"_id": null,
"model": "rational build forge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.14"
},
{
"_id": null,
"model": "openpages grc platform",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2"
},
{
"_id": null,
"model": "websphere mq server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1"
},
{
"_id": null,
"model": "nonstop server j6.0.14.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.16",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.15.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.15",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.14.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.14",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.13.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.13",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.12.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.11.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.10.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.10.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.10.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.09.04",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.09.03",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.09.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.09.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.09.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.08.04",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.08.03",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.08.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.08.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.08.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.07.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.07.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.07.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.06.03",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.06.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.06.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.06.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.05.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.05.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.05.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.04.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.04.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.04.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.27",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.26.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.26",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.25.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.25",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.24.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.24",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.22.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.22.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.21.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.21.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.21.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.20.03",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.20.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.20.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.20.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.19.03",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.19.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.19.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.19.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.18.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.18.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.18.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.17.03",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.17.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.17.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.17.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.16.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.16.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.16.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.15.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.15.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.15.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "jdk and jre for openvms integrity servers 6.0-3.p1",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "ucosminexus service platform messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-0"
},
{
"_id": null,
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"_id": null,
"model": "ucosminexus service architect",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"_id": null,
"model": "ucosminexus portal framework",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"_id": null,
"model": "ucosminexus operator",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"_id": null,
"model": "ucosminexus client",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"_id": null,
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"_id": null,
"model": "processing kit for xml",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"_id": null,
"model": "hirdb",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "8.0"
},
{
"_id": null,
"model": "hirdb",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0"
},
{
"_id": null,
"model": "cosminexus studio",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "4.0"
},
{
"_id": null,
"model": "cosminexus",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "9.0"
},
{
"_id": null,
"model": "cosminexus",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "8.0"
},
{
"_id": null,
"model": "cosminexus",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0"
},
{
"_id": null,
"model": "cosminexus",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7"
},
{
"_id": null,
"model": "cosminexus",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.0"
},
{
"_id": null,
"model": "cosminexus",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5.0"
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "5"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "aura system platform sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.9.3"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.8.3"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.0.3"
},
{
"_id": null,
"model": "aura system platform sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura system platform sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"_id": null,
"model": "vcenter server update",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.11"
},
{
"_id": null,
"model": "update manager update",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.11"
},
{
"_id": null,
"model": "trio tview software",
"scope": "ne",
"trust": 0.3,
"vendor": "schneider electric",
"version": "3.29.0"
},
{
"_id": null,
"model": "icedtea",
"scope": "ne",
"trust": 0.3,
"vendor": "icedtea",
"version": "2.3.3"
},
{
"_id": null,
"model": "icedtea",
"scope": "ne",
"trust": 0.3,
"vendor": "icedtea",
"version": "2.2.3"
},
{
"_id": null,
"model": "icedtea",
"scope": "ne",
"trust": 0.3,
"vendor": "icedtea",
"version": "2.1.3"
},
{
"_id": null,
"model": "icedtea",
"scope": "ne",
"trust": 0.3,
"vendor": "icedtea",
"version": "1.11.5"
},
{
"_id": null,
"model": "icedtea",
"scope": "ne",
"trust": 0.3,
"vendor": "icedtea",
"version": "1.10.10"
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1.4"
},
{
"_id": null,
"model": "rational system architect",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "11.4.2.2"
},
{
"_id": null,
"model": "rational synergy",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.7"
},
{
"_id": null,
"model": "rational service tester",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3.0.1"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3.0.1"
},
{
"_id": null,
"model": "rational host on-demand",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0.7"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3.0.1"
},
{
"_id": null,
"model": "rational build forge",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "openpages grc platform",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.1"
},
{
"_id": null,
"model": "jdk and jre for openvms integrity servers",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6.0-4"
}
],
"sources": [
{
"db": "BID",
"id": "56065"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-281"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004963"
},
{
"db": "NVD",
"id": "CVE-2012-5069"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:sun:jdk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:sun:jre",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_application_server_enterprise",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_application_server_standard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_application_server_version_5",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_client",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developer_light_version_6",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developer_professional_version_6",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developer_standard_version_6",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developer_version_5",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developers_kit_for_java",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_primary_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_server_-_standard_edition_version_4",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_server_-_web_edition_version_4",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_studio",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:hirdb_for_java_xml",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:hitachi_developers_kit_for_java",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:processing_kit_for_xml",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server_enterprise",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server_smart_edition",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server_standard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_client",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_developer",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_developer_light",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_developer_standard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_operator",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_portal_framework",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_primary_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_service_architect",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_service_platform",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-004963"
}
]
},
"credits": {
"_id": null,
"data": "Oracle",
"sources": [
{
"db": "BID",
"id": "56065"
}
],
"trust": 0.3
},
"cve": "CVE-2012-5069",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2012-5069",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2012-5069",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2012-5069",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201210-281",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201210-281"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004963"
},
{
"db": "NVD",
"id": "CVE-2012-5069"
}
]
},
"description": {
"_id": null,
"data": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Concurrency. \nThe vulnerability can be exploited over multiple protocols. This issue affects the \u0027Concurrency\u0027 sub-component. \nThis vulnerability affects the following supported versions:\n7 Update 7, 6 Update 35, 5.0 Update 36. In a typical operating environment, these are of low security risk as\nthe runtime is not used on untrusted applets. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201406-32\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: IcedTea JDK: Multiple vulnerabilities\n Date: June 29, 2014\n Bugs: #312297, #330205, #340819, #346799, #352035, #353418,\n #354231, #355127, #370787, #387637, #404095, #421031,\n #429522, #433389, #438750, #442478, #457206, #458410,\n #461714, #466822, #477210, #489570, #508270\n ID: 201406-32\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in the IcedTea JDK, the worst\nof which could lead to arbitrary code execution. \n\nBackground\n==========\n\nIcedTea is a distribution of the Java OpenJDK source code built with\nfree build tools. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-java/icedtea-bin \u003c 6.1.13.3 \u003e= 6.1.13.3 \n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in the IcedTea JDK. \nPlease review the CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attacker could possibly execute arbitrary code with the\nprivileges of the process, cause a Denial of Service condition, obtain\nsensitive information, bypass intended security policies, or have other\nunspecified impact. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll IcedTea JDK users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-java/icedtea-bin-6.1.13.3\"\n\nReferences\n==========\n\n[ 1 ] CVE-2009-3555\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3555\n[ 2 ] CVE-2010-2548\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2548\n[ 3 ] CVE-2010-2783\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2783\n[ 4 ] CVE-2010-3541\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3541\n[ 5 ] CVE-2010-3548\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3548\n[ 6 ] CVE-2010-3549\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3549\n[ 7 ] CVE-2010-3551\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3551\n[ 8 ] CVE-2010-3553\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3553\n[ 9 ] CVE-2010-3554\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3554\n[ 10 ] CVE-2010-3557\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3557\n[ 11 ] CVE-2010-3561\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3561\n[ 12 ] CVE-2010-3562\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3562\n[ 13 ] CVE-2010-3564\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3564\n[ 14 ] CVE-2010-3565\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3565\n[ 15 ] CVE-2010-3566\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3566\n[ 16 ] CVE-2010-3567\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3567\n[ 17 ] CVE-2010-3568\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3568\n[ 18 ] CVE-2010-3569\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3569\n[ 19 ] CVE-2010-3573\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3573\n[ 20 ] CVE-2010-3574\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3574\n[ 21 ] CVE-2010-3860\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3860\n[ 22 ] CVE-2010-4351\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4351\n[ 23 ] CVE-2010-4448\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4448\n[ 24 ] CVE-2010-4450\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4450\n[ 25 ] CVE-2010-4465\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4465\n[ 26 ] CVE-2010-4467\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4467\n[ 27 ] CVE-2010-4469\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4469\n[ 28 ] CVE-2010-4470\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4470\n[ 29 ] CVE-2010-4471\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4471\n[ 30 ] CVE-2010-4472\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4472\n[ 31 ] CVE-2010-4476\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4476\n[ 32 ] CVE-2011-0025\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0025\n[ 33 ] CVE-2011-0706\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0706\n[ 34 ] CVE-2011-0815\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0815\n[ 35 ] CVE-2011-0822\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0822\n[ 36 ] CVE-2011-0862\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0862\n[ 37 ] CVE-2011-0864\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0864\n[ 38 ] CVE-2011-0865\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0865\n[ 39 ] CVE-2011-0868\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0868\n[ 40 ] CVE-2011-0869\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0869\n[ 41 ] CVE-2011-0870\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0870\n[ 42 ] CVE-2011-0871\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0871\n[ 43 ] CVE-2011-0872\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0872\n[ 44 ] CVE-2011-3389\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3389\n[ 45 ] CVE-2011-3521\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3521\n[ 46 ] CVE-2011-3544\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3544\n[ 47 ] CVE-2011-3547\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3547\n[ 48 ] CVE-2011-3548\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3548\n[ 49 ] CVE-2011-3551\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3551\n[ 50 ] CVE-2011-3552\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3552\n[ 51 ] CVE-2011-3553\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3553\n[ 52 ] CVE-2011-3554\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3554\n[ 53 ] CVE-2011-3556\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3556\n[ 54 ] CVE-2011-3557\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3557\n[ 55 ] CVE-2011-3558\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3558\n[ 56 ] CVE-2011-3560\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3560\n[ 57 ] CVE-2011-3563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563\n[ 58 ] CVE-2011-3571\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3571\n[ 59 ] CVE-2011-5035\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035\n[ 60 ] CVE-2012-0497\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497\n[ 61 ] CVE-2012-0501\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501\n[ 62 ] CVE-2012-0502\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502\n[ 63 ] CVE-2012-0503\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503\n[ 64 ] CVE-2012-0505\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505\n[ 65 ] CVE-2012-0506\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506\n[ 66 ] CVE-2012-0547\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547\n[ 67 ] CVE-2012-1711\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711\n[ 68 ] CVE-2012-1713\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713\n[ 69 ] CVE-2012-1716\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716\n[ 70 ] CVE-2012-1717\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717\n[ 71 ] CVE-2012-1718\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718\n[ 72 ] CVE-2012-1719\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719\n[ 73 ] CVE-2012-1723\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723\n[ 74 ] CVE-2012-1724\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724\n[ 75 ] CVE-2012-1725\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725\n[ 76 ] CVE-2012-1726\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726\n[ 77 ] CVE-2012-3216\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216\n[ 78 ] CVE-2012-3422\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3422\n[ 79 ] CVE-2012-3423\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3423\n[ 80 ] CVE-2012-4416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416\n[ 81 ] CVE-2012-4540\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4540\n[ 82 ] CVE-2012-5068\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068\n[ 83 ] CVE-2012-5069\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069\n[ 84 ] CVE-2012-5070\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070\n[ 85 ] CVE-2012-5071\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071\n[ 86 ] CVE-2012-5072\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072\n[ 87 ] CVE-2012-5073\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073\n[ 88 ] CVE-2012-5074\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074\n[ 89 ] CVE-2012-5075\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075\n[ 90 ] CVE-2012-5076\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076\n[ 91 ] CVE-2012-5077\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077\n[ 92 ] CVE-2012-5081\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081\n[ 93 ] CVE-2012-5084\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084\n[ 94 ] CVE-2012-5085\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085\n[ 95 ] CVE-2012-5086\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086\n[ 96 ] CVE-2012-5087\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087\n[ 97 ] CVE-2012-5089\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089\n[ 98 ] CVE-2012-5979\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5979\n[ 99 ] CVE-2013-0169\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169\n[ 100 ] CVE-2013-0401\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401\n[ 101 ] CVE-2013-0424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0424\n[ 102 ] CVE-2013-0425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0425\n[ 103 ] CVE-2013-0426\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0426\n[ 104 ] CVE-2013-0427\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0427\n[ 105 ] CVE-2013-0428\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0428\n[ 106 ] CVE-2013-0429\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0429\n[ 107 ] CVE-2013-0431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0431\n[ 108 ] CVE-2013-0432\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0432\n[ 109 ] CVE-2013-0433\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0433\n[ 110 ] CVE-2013-0434\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0434\n[ 111 ] CVE-2013-0435\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0435\n[ 112 ] CVE-2013-0440\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0440\n[ 113 ] CVE-2013-0441\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0441\n[ 114 ] CVE-2013-0442\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0442\n[ 115 ] CVE-2013-0443\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0443\n[ 116 ] CVE-2013-0444\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0444\n[ 117 ] CVE-2013-0450\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0450\n[ 118 ] CVE-2013-0809\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809\n[ 119 ] CVE-2013-1475\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1475\n[ 120 ] CVE-2013-1476\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1476\n[ 121 ] CVE-2013-1478\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1478\n[ 122 ] CVE-2013-1480\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1480\n[ 123 ] CVE-2013-1484\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484\n[ 124 ] CVE-2013-1485\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485\n[ 125 ] CVE-2013-1486\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486\n[ 126 ] CVE-2013-1488\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488\n[ 127 ] CVE-2013-1493\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493\n[ 128 ] CVE-2013-1500\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500\n[ 129 ] CVE-2013-1518\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518\n[ 130 ] CVE-2013-1537\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537\n[ 131 ] CVE-2013-1557\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557\n[ 132 ] CVE-2013-1569\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569\n[ 133 ] CVE-2013-1571\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571\n[ 134 ] CVE-2013-2383\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383\n[ 135 ] CVE-2013-2384\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384\n[ 136 ] CVE-2013-2407\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407\n[ 137 ] CVE-2013-2412\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412\n[ 138 ] CVE-2013-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415\n[ 139 ] CVE-2013-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417\n[ 140 ] CVE-2013-2419\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419\n[ 141 ] CVE-2013-2420\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420\n[ 142 ] CVE-2013-2421\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421\n[ 143 ] CVE-2013-2422\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422\n[ 144 ] CVE-2013-2423\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423\n[ 145 ] CVE-2013-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424\n[ 146 ] CVE-2013-2426\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426\n[ 147 ] CVE-2013-2429\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429\n[ 148 ] CVE-2013-2430\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430\n[ 149 ] CVE-2013-2431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431\n[ 150 ] CVE-2013-2436\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436\n[ 151 ] CVE-2013-2443\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443\n[ 152 ] CVE-2013-2444\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444\n[ 153 ] CVE-2013-2445\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445\n[ 154 ] CVE-2013-2446\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446\n[ 155 ] CVE-2013-2447\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447\n[ 156 ] CVE-2013-2448\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448\n[ 157 ] CVE-2013-2449\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449\n[ 158 ] CVE-2013-2450\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450\n[ 159 ] CVE-2013-2451\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451\n[ 160 ] CVE-2013-2452\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452\n[ 161 ] CVE-2013-2453\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453\n[ 162 ] CVE-2013-2454\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454\n[ 163 ] CVE-2013-2455\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455\n[ 164 ] CVE-2013-2456\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456\n[ 165 ] CVE-2013-2457\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457\n[ 166 ] CVE-2013-2458\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458\n[ 167 ] CVE-2013-2459\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459\n[ 168 ] CVE-2013-2460\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460\n[ 169 ] CVE-2013-2461\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461\n[ 170 ] CVE-2013-2463\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463\n[ 171 ] CVE-2013-2465\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465\n[ 172 ] CVE-2013-2469\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469\n[ 173 ] CVE-2013-2470\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470\n[ 174 ] CVE-2013-2471\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471\n[ 175 ] CVE-2013-2472\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472\n[ 176 ] CVE-2013-2473\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473\n[ 177 ] CVE-2013-3829\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829\n[ 178 ] CVE-2013-4002\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4002\n[ 179 ] CVE-2013-5772\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772\n[ 180 ] CVE-2013-5774\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774\n[ 181 ] CVE-2013-5778\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778\n[ 182 ] CVE-2013-5780\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780\n[ 183 ] CVE-2013-5782\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782\n[ 184 ] CVE-2013-5783\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783\n[ 185 ] CVE-2013-5784\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784\n[ 186 ] CVE-2013-5790\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790\n[ 187 ] CVE-2013-5797\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797\n[ 188 ] CVE-2013-5800\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800\n[ 189 ] CVE-2013-5802\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802\n[ 190 ] CVE-2013-5803\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803\n[ 191 ] CVE-2013-5804\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804\n[ 192 ] CVE-2013-5805\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805\n[ 193 ] CVE-2013-5806\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806\n[ 194 ] CVE-2013-5809\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809\n[ 195 ] CVE-2013-5814\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814\n[ 196 ] CVE-2013-5817\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817\n[ 197 ] CVE-2013-5820\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820\n[ 198 ] CVE-2013-5823\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823\n[ 199 ] CVE-2013-5825\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825\n[ 200 ] CVE-2013-5829\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829\n[ 201 ] CVE-2013-5830\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830\n[ 202 ] CVE-2013-5840\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840\n[ 203 ] CVE-2013-5842\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842\n[ 204 ] CVE-2013-5849\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849\n[ 205 ] CVE-2013-5850\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850\n[ 206 ] CVE-2013-5851\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851\n[ 207 ] CVE-2013-6629\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6629\n[ 208 ] CVE-2013-6954\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6954\n[ 209 ] CVE-2014-0429\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0429\n[ 210 ] CVE-2014-0446\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0446\n[ 211 ] CVE-2014-0451\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0451\n[ 212 ] CVE-2014-0452\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0452\n[ 213 ] CVE-2014-0453\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0453\n[ 214 ] CVE-2014-0456\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0456\n[ 215 ] CVE-2014-0457\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0457\n[ 216 ] CVE-2014-0458\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0458\n[ 217 ] CVE-2014-0459\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0459\n[ 218 ] CVE-2014-0460\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0460\n[ 219 ] CVE-2014-0461\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0461\n[ 220 ] CVE-2014-1876\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1876\n[ 221 ] CVE-2014-2397\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2397\n[ 222 ] CVE-2014-2398\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2398\n[ 223 ] CVE-2014-2403\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2403\n[ 224 ] CVE-2014-2412\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2412\n[ 225 ] CVE-2014-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2414\n[ 226 ] CVE-2014-2421\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2421\n[ 227 ] CVE-2014-2423\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2423\n[ 228 ] CVE-2014-2427\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2427\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201406-32.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2014 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n _______________________________________________________________________\n\n Mandriva Linux Security Advisory MDVSA-2012:169\n http://www.mandriva.com/security/\n _______________________________________________________________________\n\n Package : java-1.6.0-openjdk\n Date : November 1, 2012\n Affected: 2011., Enterprise Server 5.0\n _______________________________________________________________________\n\n Problem Description:\n\n Multiple security issues were identified and fixed in OpenJDK\n (icedtea6):\n \n * S6631398, CVE-2012-3216: FilePermission improved path checking\n * S7093490: adjust package access in rmiregistry\n * S7143535, CVE-2012-5068: ScriptEngine corrected permissions\n * S7167656, CVE-2012-5077: Multiple Seeders are being created\n * S7169884, CVE-2012-5073: LogManager checks do not work correctly\n for sub-types\n * S7169888, CVE-2012-5075: Narrowing resource definitions in JMX\n RMI connector\n * S7172522, CVE-2012-5072: Improve DomainCombiner checking\n * S7186286, CVE-2012-5081: TLS implementation to better adhere to RFC\n * S7189103, CVE-2012-5069: Executors needs to maintain state\n * S7189490: More improvements to DomainCombiner checking\n * S7189567, CVE-2012-5085: java net obselete protocol\n * S7192975, CVE-2012-5071: Conditional usage check is wrong\n * S7195194, CVE-2012-5084: Better data validation for Swing\n * S7195917, CVE-2012-5086: XMLDecoder parsing at close-time should\n be improved\n * S7195919, CVE-2012-5979: (sl) ServiceLoader can throw CCE without\n needing to create instance\n * S7198296, CVE-2012-5089: Refactor classloader usage\n * S7158800: Improve storage of symbol tables\n * S7158801: Improve VM CompileOnly option\n * S7158804: Improve config file parsing\n * S7176337: Additional changes needed for 7158801 fix\n * S7198606, CVE-2012-4416: Improve VM optimization\n \n The updated packages provides icedtea6-1.11.5 which is not vulnerable\n to these issues. The verification\n of md5 checksums and GPG signatures is performed automatically for you. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.11 (GNU/Linux)\n\niD8DBQFQklqImqjQ0CJFipgRAiNOAJ4qA9L2NTdql1htD7pQDNJrDlPnUgCguupW\nxu3AOptE+B1OsUdPAeTUH5o=\n=2CFK\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nNote: the current version of the following document is available here:\nhttps://h20566.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c03595351\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c03595351\nVersion: 1\n\nHPSBUX02832 SSRT101042 rev.1 - HP-UX Running Java, Remote Unauthorized\nAccess, Disclosure of Information, and Other Vulnerabilities\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2012-12-12\nLast Updated: 2012-12-12\n\nPotential Security Impact: Remote unauthorized access, disclosure of\ninformation, and other vulnerabilities\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified in Java Runtime\nEnvironment (JRE) and Java Developer Kit (JDK) running on HP-UX. These\nvulnerabilities could allow remote unauthorized access, disclosure of\ninformation, and other exploits. \nHP-UX B.11.11, B.11.23, and B.11.31 running HP JDK and JRE v7.0.03, v6.0.16\nand v5.0.26 and earlier\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2012-1531 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2012-1532 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2012-1533 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2012-3143 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2012-3159 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2012-3216 (AV:N/AC:H/Au:N/C:P/I:N/A:N) 2.6\nCVE-2012-4416 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4\nCVE-2012-5068 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2012-5069 (AV:N/AC:M/Au:N/C:P/I:P/A:N) 5.8\nCVE-2012-5071 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4\nCVE-2012-5072 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2012-5073 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2012-5075 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2012-5077 (AV:N/AC:H/Au:N/C:P/I:N/A:N) 2.6\nCVE-2012-5079 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2012-5081 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2012-5083 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2012-5084 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\nCVE-2012-5085 (AV:N/AC:M/Au:S/C:N/I:N/A:N) 0.0\nCVE-2012-5086 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2012-5087 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2012-5089 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nNOTE: The following apply to both v7.0.03 and v6.0.16 and earlier:\nCVE-2012-1531, CVE-2012-1532, CVE-2012-1533, CVE-2012-3143, CVE-2012-3159,\nCVE-2012-3216, CVE-2012-4416, CVE-2012-5068, CVE-2012-5069, CVE-2012-5071,\nCVE-2012-5072, CVE-2012-5073, CVE-2012-5075, CVE-2012-5077, CVE-2012-5079,\nCVE-2012-5081, CVE-2012-5083, CVE-2012-5084, CVE-2012-5085, CVE-2012-5086,\nCVE-2012-5087, CVE-2012-5089\n\nNOTE: The following apply to v5.0.26 and earlier: CVE-2012-1531,\nCVE-2012-3143, CVE-2012-3216, CVE-2012-5069, CVE-2012-5071, CVE-2012-5073,\nCVE-2012-5075, CVE-2012-5077, CVE-2012-5079, CVE-2012-5081, CVE-2012-5083,\nCVE-2012-5084, CVE-2012-5085, CVE-2012-5089\n\nRESOLUTION\n\nHP has provided the following Java version upgrade to resolve these\nvulnerabilities. \nThe upgrade is available from the following location\n\nhttp://www.hp.com/java\n\nHP-UX B.11.23, B.11.31\n JDK and JRE v7.0.04 or subsequent\n\nHP-UX B.11.11, B.11.23, B.11.31\n JDK and JRE v6.0.17 or subsequent\n\nHP-UX B.11.11, B.11.23, B.11.31\n JDK and JRE v5.0.27 or subsequent\n\nMANUAL ACTIONS: Yes - Update\nFor Java v7.0 update to Java v7.0.04 or subsequent\nFor Java v6.0 update to Java v6.0.17 or subsequent\nFor Java v5.0 update to Java v5.0.27 or subsequent\n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application\nthat replaces HP-UX Security Patch Check. It analyzes all Security Bulletins\nissued by HP and lists recommended actions that may apply to a specific HP-UX\nsystem. It can also download patches and create a depot automatically. For\nmore information see https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS\n\nHP-UX B.11.23\nHP-UX B.11.31\n===========\nJdk70.JDK70-COM\nJdk70.JDK70-DEMO\nJdk70.JDK70-IPF32\nJdk70.JDK70-IPF64\nJre70.JRE70-COM\nJre70.JRE70-IPF32\nJre70.JRE70-IPF32-HS\nJre70.JRE70-IPF64\nJre70.JRE70-IPF64-HS\naction: install revision 1.7.0.04.00 or subsequent\n\nHP-UX B.11.23\nHP-UX B.11.31\n===========\nJdk60.JDK60-COM\nJdk60.JDK60-DEMO\nJdk60.JDK60-IPF32\nJdk60.JDK60-IPF64\nJre60.JRE60-COM\nJre60.JRE60-IPF32\nJre60.JRE60-IPF32-HS\nJre60.JRE60-IPF64\nJre60.JRE60-IPF64-HS\naction: install revision 1.6.0.17.00 or subsequent\n\nHP-UX B.11.23\nHP-UX B.11.31\n===========\nJdk15.JDK15-COM\nJdk15.JDK15-DEMO\nJdk15.JDK15-IPF32\nJdk15.JDK15-IPF64\nJre15.JRE15-COM\nJre15.JRE15-COM-DOC\nJre15.JRE15-IPF32\nJre15.JRE15-IPF32-HS\nJre15.JRE15-IPF64\nJre15.JRE15-IPF64-HS\naction: install revision 1.5.0.27.00 or subsequent\n\nHP-UX B.11.11\nHP-UX B.11.23\n===========\nJdk60.JDK60-COM\nJdk60.JDK60-DEMO\nJdk60.JDK60-PA20\nJdk60.JDK60-PA20W\nJre60.JRE60-COM\nJre60.JRE60-COM-DOC\nJre60.JRE60-PA20\nJre60.JRE60-PA20-HS\nJre60.JRE60-PA20W\nJre60.JRE60-PA20W-HS\naction: install revision 1.6.0.17.00 or subsequent\n\nHP-UX B.11.11\nHP-UX B.11.23\n===========\nJdk15.JDK15-COM\nJdk15.JDK15-DEMO\nJdk15.JDK15-PA20\nJdk15.JDK15-PA20W\nJre15.JRE15-COM\nJre15.JRE15-COM-DOC\nJre15.JRE15-PA20\nJre15.JRE15-PA20-HS\nJre15.JRE15-PA20W\nJre15.JRE15-PA20W-HS\naction: install revision 1.5.0.27.00 or subsequent\n\nEND AFFECTED VERSIONS\n\nHISTORY\nVersion:1 (rev.1) - 12 December 2012 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin List: A list of HP Security Bulletins, updated\nperiodically, is contained in HP Security Notice HPSN-2011-001:\nhttps://h20566.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c02964430\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttp://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2012 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits;damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: java-1.5.0-ibm security update\nAdvisory ID: RHSA-2012:1465-01\nProduct: Red Hat Enterprise Linux Extras\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2012-1465.html\nIssue date: 2012-11-15\nCVE Names: CVE-2012-1531 CVE-2012-3143 CVE-2012-3216 \n CVE-2012-4820 CVE-2012-4822 CVE-2012-5069 \n CVE-2012-5071 CVE-2012-5073 CVE-2012-5075 \n CVE-2012-5079 CVE-2012-5081 CVE-2012-5083 \n CVE-2012-5084 CVE-2012-5089 \n=====================================================================\n\n1. Summary:\n\nUpdated java-1.5.0-ibm packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, ppc, s390x, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nIBM J2SE version 5.0 includes the IBM Java Runtime Environment and the IBM\nJava Software Development Kit. Detailed\nvulnerability descriptions are linked from the IBM Security alerts page,\nlisted in the References section. (CVE-2012-1531, CVE-2012-3143,\nCVE-2012-3216, CVE-2012-4820, CVE-2012-4822, CVE-2012-5069, CVE-2012-5071,\nCVE-2012-5073, CVE-2012-5075, CVE-2012-5079, CVE-2012-5081, CVE-2012-5083,\nCVE-2012-5084, CVE-2012-5089)\n\nAll users of java-1.5.0-ibm are advised to upgrade to these updated\npackages, containing the IBM J2SE 5.0 SR15 release. All running instances\nof IBM Java must be restarted for this update to take effect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n865346 - CVE-2012-3216 OpenJDK: java.io.FilePermission information leak (Libraries, 6631398)\n865357 - CVE-2012-5073 OpenJDK: LogManager security bypass (Libraries, 7169884)\n865363 - CVE-2012-5075 OpenJDK: RMIConnectionImpl information disclosure (JMX, 7169888)\n865370 - CVE-2012-5081 OpenJDK: JSSE denial of service (JSSE, 7186286)\n865511 - CVE-2012-5084 OpenJDK: DefaultFormatter insufficient data validation (Swing, 7195194)\n865514 - CVE-2012-5089 OpenJDK: RMIConnectionImpl insufficient access control checks (JMX, 7198296)\n865519 - CVE-2012-5071 OpenJDK: DescriptorSupport insufficient package access checks (JMX, 7192975)\n865531 - CVE-2012-5069 OpenJDK: Executors state handling issues (Concurrency, 7189103)\n865568 - CVE-2012-5079 OpenJDK: ServiceLoader reject not subtype classes without instantiating (Libraries, 7195919)\n867185 - CVE-2012-1531 Oracle JDK: unspecified vulnerability (2D)\n867189 - CVE-2012-3143 Oracle JDK: unspecified vulnerability (JMX)\n867193 - CVE-2012-5083 Oracle JDK: unspecified vulnerability (2D)\n876386 - CVE-2012-4820 IBM JDK: java.lang.reflect.Method invoke() code execution\n876388 - CVE-2012-4822 IBM JDK: java.lang.class code execution\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\njava-1.5.0-ibm-1.5.0.15.0-1jpp.1.el5_8.i386.rpm\njava-1.5.0-ibm-accessibility-1.5.0.15.0-1jpp.1.el5_8.i386.rpm\njava-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el5_8.i386.rpm\njava-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el5_8.i386.rpm\njava-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el5_8.i386.rpm\njava-1.5.0-ibm-jdbc-1.5.0.15.0-1jpp.1.el5_8.i386.rpm\njava-1.5.0-ibm-plugin-1.5.0.15.0-1jpp.1.el5_8.i386.rpm\njava-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el5_8.i386.rpm\n\nx86_64:\njava-1.5.0-ibm-1.5.0.15.0-1jpp.1.el5_8.i386.rpm\njava-1.5.0-ibm-1.5.0.15.0-1jpp.1.el5_8.x86_64.rpm\njava-1.5.0-ibm-accessibility-1.5.0.15.0-1jpp.1.el5_8.x86_64.rpm\njava-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el5_8.i386.rpm\njava-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el5_8.x86_64.rpm\njava-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el5_8.i386.rpm\njava-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el5_8.x86_64.rpm\njava-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el5_8.i386.rpm\njava-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el5_8.x86_64.rpm\njava-1.5.0-ibm-jdbc-1.5.0.15.0-1jpp.1.el5_8.i386.rpm\njava-1.5.0-ibm-plugin-1.5.0.15.0-1jpp.1.el5_8.i386.rpm\njava-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el5_8.i386.rpm\njava-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el5_8.x86_64.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\njava-1.5.0-ibm-1.5.0.15.0-1jpp.1.el5_8.i386.rpm\njava-1.5.0-ibm-accessibility-1.5.0.15.0-1jpp.1.el5_8.i386.rpm\njava-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el5_8.i386.rpm\njava-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el5_8.i386.rpm\njava-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el5_8.i386.rpm\njava-1.5.0-ibm-jdbc-1.5.0.15.0-1jpp.1.el5_8.i386.rpm\njava-1.5.0-ibm-plugin-1.5.0.15.0-1jpp.1.el5_8.i386.rpm\njava-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el5_8.i386.rpm\n\nppc:\njava-1.5.0-ibm-1.5.0.15.0-1jpp.1.el5_8.ppc.rpm\njava-1.5.0-ibm-1.5.0.15.0-1jpp.1.el5_8.ppc64.rpm\njava-1.5.0-ibm-accessibility-1.5.0.15.0-1jpp.1.el5_8.ppc.rpm\njava-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el5_8.ppc.rpm\njava-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el5_8.ppc64.rpm\njava-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el5_8.ppc.rpm\njava-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el5_8.ppc64.rpm\njava-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el5_8.ppc.rpm\njava-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el5_8.ppc64.rpm\njava-1.5.0-ibm-jdbc-1.5.0.15.0-1jpp.1.el5_8.ppc.rpm\njava-1.5.0-ibm-plugin-1.5.0.15.0-1jpp.1.el5_8.ppc.rpm\njava-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el5_8.ppc.rpm\njava-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el5_8.ppc64.rpm\n\ns390x:\njava-1.5.0-ibm-1.5.0.15.0-1jpp.1.el5_8.s390.rpm\njava-1.5.0-ibm-1.5.0.15.0-1jpp.1.el5_8.s390x.rpm\njava-1.5.0-ibm-accessibility-1.5.0.15.0-1jpp.1.el5_8.s390x.rpm\njava-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el5_8.s390.rpm\njava-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el5_8.s390x.rpm\njava-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el5_8.s390.rpm\njava-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el5_8.s390x.rpm\njava-1.5.0-ibm-jdbc-1.5.0.15.0-1jpp.1.el5_8.s390.rpm\njava-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el5_8.s390.rpm\njava-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el5_8.s390x.rpm\n\nx86_64:\njava-1.5.0-ibm-1.5.0.15.0-1jpp.1.el5_8.i386.rpm\njava-1.5.0-ibm-1.5.0.15.0-1jpp.1.el5_8.x86_64.rpm\njava-1.5.0-ibm-accessibility-1.5.0.15.0-1jpp.1.el5_8.x86_64.rpm\njava-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el5_8.i386.rpm\njava-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el5_8.x86_64.rpm\njava-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el5_8.i386.rpm\njava-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el5_8.x86_64.rpm\njava-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el5_8.i386.rpm\njava-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el5_8.x86_64.rpm\njava-1.5.0-ibm-jdbc-1.5.0.15.0-1jpp.1.el5_8.i386.rpm\njava-1.5.0-ibm-plugin-1.5.0.15.0-1jpp.1.el5_8.i386.rpm\njava-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el5_8.i386.rpm\njava-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el5_8.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\njava-1.5.0-ibm-1.5.0.15.0-1jpp.1.el6_3.i686.rpm\njava-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el6_3.i686.rpm\njava-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el6_3.i686.rpm\njava-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el6_3.i686.rpm\njava-1.5.0-ibm-jdbc-1.5.0.15.0-1jpp.1.el6_3.i686.rpm\njava-1.5.0-ibm-plugin-1.5.0.15.0-1jpp.1.el6_3.i686.rpm\njava-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el6_3.i686.rpm\n\nx86_64:\njava-1.5.0-ibm-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm\njava-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm\njava-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el6_3.i686.rpm\njava-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm\njava-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm\njava-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Supplementary (v. 6):\n\nx86_64:\njava-1.5.0-ibm-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm\njava-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm\njava-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el6_3.i686.rpm\njava-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm\njava-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm\njava-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\njava-1.5.0-ibm-1.5.0.15.0-1jpp.1.el6_3.i686.rpm\njava-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el6_3.i686.rpm\njava-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el6_3.i686.rpm\njava-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el6_3.i686.rpm\njava-1.5.0-ibm-jdbc-1.5.0.15.0-1jpp.1.el6_3.i686.rpm\njava-1.5.0-ibm-plugin-1.5.0.15.0-1jpp.1.el6_3.i686.rpm\njava-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el6_3.i686.rpm\n\nppc64:\njava-1.5.0-ibm-1.5.0.15.0-1jpp.1.el6_3.ppc64.rpm\njava-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el6_3.ppc64.rpm\njava-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el6_3.ppc.rpm\njava-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el6_3.ppc64.rpm\njava-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el6_3.ppc64.rpm\njava-1.5.0-ibm-jdbc-1.5.0.15.0-1jpp.1.el6_3.ppc.rpm\njava-1.5.0-ibm-plugin-1.5.0.15.0-1jpp.1.el6_3.ppc.rpm\njava-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el6_3.ppc64.rpm\n\ns390x:\njava-1.5.0-ibm-1.5.0.15.0-1jpp.1.el6_3.s390x.rpm\njava-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el6_3.s390x.rpm\njava-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el6_3.s390.rpm\njava-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el6_3.s390x.rpm\njava-1.5.0-ibm-jdbc-1.5.0.15.0-1jpp.1.el6_3.s390.rpm\njava-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el6_3.s390x.rpm\n\nx86_64:\njava-1.5.0-ibm-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm\njava-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm\njava-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el6_3.i686.rpm\njava-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm\njava-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm\njava-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\njava-1.5.0-ibm-1.5.0.15.0-1jpp.1.el6_3.i686.rpm\njava-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el6_3.i686.rpm\njava-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el6_3.i686.rpm\njava-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el6_3.i686.rpm\njava-1.5.0-ibm-jdbc-1.5.0.15.0-1jpp.1.el6_3.i686.rpm\njava-1.5.0-ibm-plugin-1.5.0.15.0-1jpp.1.el6_3.i686.rpm\njava-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el6_3.i686.rpm\n\nx86_64:\njava-1.5.0-ibm-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm\njava-1.5.0-ibm-demo-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm\njava-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el6_3.i686.rpm\njava-1.5.0-ibm-devel-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm\njava-1.5.0-ibm-javacomm-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm\njava-1.5.0-ibm-src-1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2012-1531.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-3143.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-3216.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-4820.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-4822.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5069.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5071.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5073.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5075.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5079.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5081.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5083.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5084.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5089.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://www.ibm.com/developerworks/java/jdk/alerts/\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2012 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFQpV27XlSAg2UNWIIRAtdyAJ950SF43om961RrbDO+l6pKLsNVkQCfZToe\nRVwkoTHhFv4aMj/Tm3SjYjw=\n=XKVH\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-5069"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004963"
},
{
"db": "BID",
"id": "56065"
},
{
"db": "PACKETSTORM",
"id": "123734"
},
{
"db": "PACKETSTORM",
"id": "127267"
},
{
"db": "PACKETSTORM",
"id": "117825"
},
{
"db": "PACKETSTORM",
"id": "118835"
},
{
"db": "PACKETSTORM",
"id": "118139"
},
{
"db": "PACKETSTORM",
"id": "118142"
}
],
"trust": 2.43
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2012-5069",
"trust": 3.3
},
{
"db": "HITACHI",
"id": "HS12-023",
"trust": 1.9
},
{
"db": "BID",
"id": "56065",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "51438",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "51166",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "51390",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "51328",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "51327",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "51141",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "51326",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "51029",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "51028",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "51315",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004963",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201210-281",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-17-213-02",
"trust": 0.3
},
{
"db": "PACKETSTORM",
"id": "123734",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127267",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117825",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "118835",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "118139",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "118142",
"trust": 0.1
}
],
"sources": [
{
"db": "BID",
"id": "56065"
},
{
"db": "PACKETSTORM",
"id": "123734"
},
{
"db": "PACKETSTORM",
"id": "127267"
},
{
"db": "PACKETSTORM",
"id": "117825"
},
{
"db": "PACKETSTORM",
"id": "118835"
},
{
"db": "PACKETSTORM",
"id": "118139"
},
{
"db": "PACKETSTORM",
"id": "118142"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-281"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004963"
},
{
"db": "NVD",
"id": "CVE-2012-5069"
}
]
},
"id": "VAR-201210-0267",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.75
},
"last_update_date": "2026-04-10T23:24:49.568000Z",
"patch": {
"_id": null,
"data": [
{
"title": "HT5549",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5549"
},
{
"title": "HT5549",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5549?viewlocale=ja_JP"
},
{
"title": "HS12-023",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-023/index.html"
},
{
"title": "HPSBUX02832 SSRT101042",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c03595351"
},
{
"title": "HPSBOV02833 SSRT101043",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c03596813"
},
{
"title": "1631786",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786"
},
{
"title": "1616490",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
},
{
"title": "1620037",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21620037"
},
{
"title": "1621154",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
},
{
"title": "SUSE-SU-2012:1489",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00010.html"
},
{
"title": "openSUSE-SU-2012:1423",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00023.html"
},
{
"title": "SUSE-SU-2012:1398",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html"
},
{
"title": "SUSE-SU-2012:1595",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00022.html"
},
{
"title": "Text Form of Oracle Java SE Critical Patch Update - October 2012 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012verbose-1515981.html"
},
{
"title": "Oracle Java SE Critical Patch Update Advisory - October 2012",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html"
},
{
"title": "RHSA-2013:1455",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"title": "RHSA-2012:1465",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2012-1465.html"
},
{
"title": "RHSA-2013:1456",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2013-1456.html"
},
{
"title": "RHSA-2012:1466",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
},
{
"title": "RHSA-2012:1467",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
},
{
"title": "RHSA-2012:1391",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2012-1391.html"
},
{
"title": "RHSA-2012:1392",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2012-1392.html"
},
{
"title": "RHSA-2012:1385",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2012-1385.html"
},
{
"title": "RHSA-2012:1386",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2012-1386.html"
},
{
"title": "October 2012 Critical Patch Update and Critical Patch Update for Java SE Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/october_2012_critical_patch_update"
},
{
"title": "XRX13-003",
"trust": 0.8,
"url": "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf"
},
{
"title": "HS12-023",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS12-023/index.html"
},
{
"title": "Oracle Corporation Java\u30d7\u30e9\u30b0\u30a4\u30f3\u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/oracle/20121017.html"
},
{
"title": "Oracle Java SE JRE Fixes for Unknown Security Vulnerabilities in Components",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=192736"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201210-281"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004963"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-5069"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html"
},
{
"trust": 1.9,
"url": "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_xrx13-003_v1.0.pdf"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21620037"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786"
},
{
"trust": 1.7,
"url": "http://rhn.redhat.com/errata/rhsa-2013-1455.html"
},
{
"trust": 1.7,
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"trust": 1.7,
"url": "http://rhn.redhat.com/errata/rhsa-2012-1465.html"
},
{
"trust": 1.7,
"url": "http://rhn.redhat.com/errata/rhsa-2012-1467.html"
},
{
"trust": 1.6,
"url": "http://rhn.redhat.com/errata/rhsa-2013-1456.html"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/51438"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/51315"
},
{
"trust": 1.6,
"url": "http://rhn.redhat.com/errata/rhsa-2012-1391.html"
},
{
"trust": 1.6,
"url": "http://rhn.redhat.com/errata/rhsa-2012-1466.html"
},
{
"trust": 1.6,
"url": "http://rhn.redhat.com/errata/rhsa-2012-1386.html"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/56065"
},
{
"trust": 1.6,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
},
{
"trust": 1.6,
"url": "http://rhn.redhat.com/errata/rhsa-2012-1385.html"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/51328"
},
{
"trust": 1.6,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a16685"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/51028"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/51326"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/51327"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/51029"
},
{
"trust": 1.6,
"url": "http://rhn.redhat.com/errata/rhsa-2012-1392.html"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=135542848327757\u0026w=2"
},
{
"trust": 1.6,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79428"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/51166"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=135758563611658\u0026w=2"
},
{
"trust": 1.6,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00010.html"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/51141"
},
{
"trust": 1.6,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hs12-023/index.html"
},
{
"trust": 1.6,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/51390"
},
{
"trust": 1.6,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00023.html"
},
{
"trust": 1.6,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00022.html"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5069"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20121017-jre.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-5069"
},
{
"trust": 0.4,
"url": "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-october/020556.html"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5075"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5081"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5071"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3216"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5069"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5084"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5073"
},
{
"trust": 0.3,
"url": "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-october/020571.html"
},
{
"trust": 0.3,
"url": "http://support.apple.com/kb/ht5549"
},
{
"trust": 0.3,
"url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_fixed_in_java"
},
{
"trust": 0.3,
"url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_fixed_in_java1"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/connections/blogs/psirt/entry/security_bulletin_vulnerabilities_in_rational_functional_tester_versions_8_x_due_to_security_vulnerabilities_in_ibm_jre_7_0_service_release_2_or_e"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-213-02"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100168011"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100168009"
},
{
"trust": 0.3,
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c03595351"
},
{
"trust": 0.3,
"url": "http://h20566.www2.hp.com/portal/site/hpsc/template.page/public/kb/docdisplay/?docid=emr_na-c03909126-1"
},
{
"trust": 0.3,
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c03596813"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621951"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621771"
},
{
"trust": 0.3,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/security/info/vuls/hs12-023/index.html"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21617321"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21617323"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21635864"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21637519"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21618977"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21625941"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21636462"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21619418"
},
{
"trust": 0.3,
"url": "http://www.vmware.com/security/advisories/vmsa-2013-0003.html"
},
{
"trust": 0.3,
"url": "http://www.vmware.com/security/advisories/vmsa-2013-0006.html"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621959"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621958"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5089.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5079.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5081.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5071.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2012-3216.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5069.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5084.html"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2012-4820.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5073.html"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2012-4822.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5075.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2012-1531.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5083.html"
},
{
"trust": 0.3,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2012-3143.html"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5077"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5089"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5072"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5086"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1531"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5079"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3143"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5083"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2012-1532.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2012-4823.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2012-3159.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5072.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2012-1718.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2012-1533.html"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4416"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5085"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5068"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1533"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1532"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3159"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5087"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4820"
},
{
"trust": 0.2,
"url": "https://www.ibm.com/developerworks/java/jdk/alerts/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4822"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/knowledge/articles/11258"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2468.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-0873.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-3548.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1540.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1476.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2463.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2446.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3521"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/site/articles/11258"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1500.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0428.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1480.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-3556.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2419.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-3563.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3546"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0401.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2444.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0425.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2454.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-3551.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-1722.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-0497.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-0500.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0419.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-3389.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2422.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-3561.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-1721.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0409.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-0863.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0423.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-0499.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0862"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-0867.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0443.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-0507.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2451.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-3552.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0809.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1487.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0351.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-0814.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-3547.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3549"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-0503.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0427.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0433.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1493.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1569.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-3554.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2435.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2456.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-3743.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-3549.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2407.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3553"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-3516.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-0871.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3554"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2470.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5068.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-1541.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-0868.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3389"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0873"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1557.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2471.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2429.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3548"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-3521.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3551"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2443.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-1713.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3547"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-3213.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0441.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2457.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2412.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-3553.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0432.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0446.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1481.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1537.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-1717.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3545"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2432.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2447.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-0802.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2452.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-0865.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0450.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3516"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-3545.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1491.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2464.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-0862.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1571.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2383.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2418.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3561"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1473.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3556"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-0547.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1563.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2465.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2472.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2466.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2424.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2453.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-3544.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0867"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2473.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2433.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2437.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-1716.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-0506.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-0501.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-3342.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0869"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0426.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2450.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-3560.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3550"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-3557.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0440.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-1725.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0865"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-0502.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2417.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0445.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2394.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2455.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-0498.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-1682.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2442.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2459.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2430.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3560"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-3546.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0442.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-0551.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0424.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3552"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3544"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-0869.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2448.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0863"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-1719.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-3550.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1486.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-5035.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3557"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2384.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0169.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-0505.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2469.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0438.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0871"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0868"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1478.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0435.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0434.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0802"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0814"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2420.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2440.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4470"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3574"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3423"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3548"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2469"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0864"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3553"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2443"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1717"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2412"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1716"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0505"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1518"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2419"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3557"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2414"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4450"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3829"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5829"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5804"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1485"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5806"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5087"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2422"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0865"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4471"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5075"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3557"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2426"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3567"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4002"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5084"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1711"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1478"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2461"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5820"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-6954"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2470"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4476"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0547"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4540"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0429"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0441"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2451"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2459"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5823"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2421"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0870"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3554"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0862"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2460"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1713"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0706"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0434"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5784"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3568"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5830"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3561"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5800"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4467"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3567"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2456"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5803"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4465"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4472"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5086"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3556"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0425"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2383"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2423"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2447"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2452"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2445"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2450"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5778"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5780"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5073"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3568"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3548"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1493"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2446"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5069"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-5035"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3541"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3549"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1500"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3571"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0426"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0457"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5850"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2783"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3573"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3552"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0451"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0459"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2423"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1876"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2384"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4469"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0431"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1557"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0458"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2548"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2453"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4448"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3521"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0401"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5085"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2407"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2421"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3564"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2429"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4465"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3569"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2403"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5068"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2548"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0871"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5071"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2398"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0815"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0444"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1475"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0497"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5774"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5782"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3554"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4469"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1725"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5790"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5805"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3564"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5802"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5849"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1719"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3569"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3573"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0461"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2448"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2458"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0427"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3548"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2427"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5825"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0506"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1484"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2430"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3541"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2415"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3549"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0872"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3216"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0429"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1718"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5772"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3860"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3422"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0433"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5074"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3554"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3574"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2454"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2444"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5072"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4470"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4416"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0822"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1537"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3553"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3551"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2449"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0503"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0025"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2457"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1476"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0169"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0809"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5077"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0435"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3544"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0456"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4450"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1723"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1726"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0450"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1571"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4467"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0460"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5081"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3547"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5840"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5851"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2465"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2431"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2473"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-6629"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5783"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4448"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2783"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2463"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3560"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2412"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5809"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1480"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4351"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2420"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0501"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0428"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0869"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2417"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2471"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3551"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5076"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5842"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2397"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0452"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3553"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1569"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1724"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3558"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5797"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5070"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1486"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2472"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0446"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0453"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3860"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1488"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0502"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3561"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0868"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0440"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0443"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3389"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5814"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5817"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4351"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3551"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2455"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3557"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5089"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5075"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5086"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4416"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5089"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3216"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5979"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5081"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5077"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5068"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5071"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5084"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5979"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5073"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5085"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5072"
},
{
"trust": 0.1,
"url": "http://www.hp.com/java"
},
{
"trust": 0.1,
"url": "http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.1,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1718"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-4821.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5070"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4823"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5086.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5067.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5070.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5076.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5074.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5077.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5076"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5088"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5088.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5087.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4821"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5074"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5067"
}
],
"sources": [
{
"db": "BID",
"id": "56065"
},
{
"db": "PACKETSTORM",
"id": "123734"
},
{
"db": "PACKETSTORM",
"id": "127267"
},
{
"db": "PACKETSTORM",
"id": "117825"
},
{
"db": "PACKETSTORM",
"id": "118835"
},
{
"db": "PACKETSTORM",
"id": "118139"
},
{
"db": "PACKETSTORM",
"id": "118142"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-281"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004963"
},
{
"db": "NVD",
"id": "CVE-2012-5069"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "BID",
"id": "56065",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "123734",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "127267",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "117825",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "118835",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "118139",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "118142",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201210-281",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004963",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2012-5069",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2012-10-16T00:00:00",
"db": "BID",
"id": "56065",
"ident": null
},
{
"date": "2013-10-23T22:57:57",
"db": "PACKETSTORM",
"id": "123734",
"ident": null
},
{
"date": "2014-06-30T23:39:28",
"db": "PACKETSTORM",
"id": "127267",
"ident": null
},
{
"date": "2012-11-02T03:34:46",
"db": "PACKETSTORM",
"id": "117825",
"ident": null
},
{
"date": "2012-12-14T02:38:55",
"db": "PACKETSTORM",
"id": "118835",
"ident": null
},
{
"date": "2012-11-16T07:05:11",
"db": "PACKETSTORM",
"id": "118139",
"ident": null
},
{
"date": "2012-11-16T07:06:23",
"db": "PACKETSTORM",
"id": "118142",
"ident": null
},
{
"date": "2012-10-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201210-281",
"ident": null
},
{
"date": "2012-10-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-004963",
"ident": null
},
{
"date": "2012-10-16T21:55:01.713000",
"db": "NVD",
"id": "CVE-2012-5069",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2017-08-03T11:09:00",
"db": "BID",
"id": "56065",
"ident": null
},
{
"date": "2022-05-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201210-281",
"ident": null
},
{
"date": "2015-08-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-004963",
"ident": null
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2012-5069",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "118835"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-281"
}
],
"trust": 0.7
},
"title": {
"_id": null,
"data": "Oracle Java SE of Java Runtime Environment In Concurrency Processing vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-004963"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "56065"
}
],
"trust": 0.3
}
}
VAR-201406-0445
Vulnerability from variot - Updated: 2026-04-10 23:23OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the "CCS Injection" vulnerability. OpenSSL is vulnerable to a man-in-the-middle attack. An attacker can exploit this issue to crash the affected application, denying service to legitimate users.
HP IceWall SSO Dfw and MCRP
If possible, do not use SHOST setting which allows IceWall SSO Dfw or MCRP to use SSL/TLS for back-end web server connection.
HP IceWall SSO Dfw Certd
If possible, set LDAPSSL to 0 to make HP SSO IceWall Certd to not use SSL/TLS on any connection with LDAP server.
References: CVE-2014-0224, SSRT101656
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP BladeSystem c-Class Virtual Connect Firmware prior to v4.30.
HP BladeSystem c-Class Virtual Connect Firmware v4.30 is available at the following download location:
http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/psi/swdDetail s/?javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTo k=com.vignette.cachetoken&javax.portlet.prp_bd9b6997fbc7fc515f4cf4626f5c8d01= wsrp-navigationalState%3Didx%253D%257CswItem%253DMTX_52c1d36ae30d4630bbf60592 ab%257CswEnvOID%253D2078%257CitemLocale%253D%257CswLang%253D%257Cmode%253D%25 7Caction%253DdriverDocument&javax.portlet.tpst=bd9b6997fbc7fc515f4cf4626f5c8d 01&sp4ts.oid=3884114&ac.admitted=1406807633194.876444892.199480143
NOTE: The Virtual Connect Manager software is an OpenSSL client when it communicates with Onboard Administrator, Virtual Connect Fiber Channel modules, and LDAP servers. There is no plan to update either Virtual Connect v3.61 or v4.01. Please ensure that all LDAP servers with which these products communicate are secure and that the latest version of Onboard Administrator is installed. The Virtual Connect Fiber Channel module does not have a vulnerable OpenSSL server. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04378799
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04378799 Version: 1
HPSBMU03074 rev.1 - HP Insight Control server migration on Linux and Windows running OpenSSL, Remote Denial of Service (DoS), Code Execution, Unauthorized Access, Disclosure of Information
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2014-07-23 Last Updated: 2014-07-23
Potential Security Impact: Remote denial of service (DoS), code execution, unauthorized access, disclosure of information
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP Insight Control server migration running on Linux and Windows which could be exploited remotely resulting in denial of service (DoS), code execution, unauthorized access, or disclosure of information.
References:
CVE-2010-5298 Remote Denial of Service CVE-2014-0076 Unauthorized Disclosure of Information CVE-2014-0195 Remote Unauthorized Access CVE-2014-0198 Remote Denial of Service CVE-2014-0221 Remote Denial of Service (DoS) CVE-2014-0224 Remote Unauthorized Access or Disclosure of Information CVE-2014-3470 Remote Code Execution or Unauthorized Access SSRT101647
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP Insight Control server migration v7.2.2, v7.3, v7.3.1, and v7.3.2
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2010-5298 (AV:N/AC:H/Au:N/C:N/I:P/A:P) 4.0 CVE-2014-0076 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2014-0195 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2014-0198 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2014-0221 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2014-0224 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2014-3470 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following updates to v7.3.2 of HP Insight Control server migration to resolve these vulnerabilities by upgrading to version 7.3.3. Please note that version 7.3.3 of HP Insight Control server migration is included on the HP Insight Management 7.3 Update 2 DVD.
HP has provided the installation binaries for download from the following web site by using the Receive for free option:
http://h18013.www1.hp.com/products/servers/management/fpdownload.html
Customers using HP Insight Control server migration v7.2.2 must first upgrade from v7.2.2 to v7.3 by using the HP Insight Management v7.3 DVD, and then upgrade to v7.3.3 by using the HP Insight Management v7.3 Update 2 DVD.
Customers running HP Insight Control server migration v7.3, v7.3.1, or v7.3.2, can use the HP Insight Control server migration v7.3 Update 2 DVD to complete the upgrade.
For more information on the upgrade process, please refer to the HP Insight Management Installation and Upgrade Guide and Release notes, which are available at the following location:
http://h17007.www1.hp.com/us/en/enterprise/servers/solutions/info-library/ind ex.aspx?cat=insightmanagement
NOTE: The upgrade paths described above update the entire HP Insight Control software stack. To upgrade HP Insight Control server migration only, complete the following steps:
Copy "hpsmp.exe" to the local machine from the HP Insight Management v7.3.0 Update 2 DVD ISO. Create batch file with the following commands: @echo off hpsmp.exe /verysilent /SVCPATCH=Install_Through_Patch Copy the batch file to the folder where "hpsmp.exe" normally resides on the target system. Double click on the batch file. The HP Insight Control server migration installation starts in a command prompt. The command prompt closes when the installation finishes. After the installation completes it creates a log file (ICmigr.log) and an output file (ICmigroutput.xml) on the target system. Do not close or click on the command prompt while the process is completing. Do not run the command prompt in the background.
HISTORY Version:1 (rev.1) - 23 July 2014 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2014 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux)
iEYEARECAAYFAlPPv38ACgkQ4B86/C0qfVmWsACgvg3ZBSYc1uQDUvMq71r7LLsR ZUUAnjwnaUdNhtgUmVoIOUaKjKyQIHsM =pNB+ -----END PGP SIGNATURE----- . HP System Management Homepage versions 7.3.2 and earlier for Linux and Windows. HP System Management Homepage v7.2.4.1 is available for Windows 2003 only.
HP System Management Homepage v7.2.4.1 for Windows x86: http://www.hp.com/swpublishing/MTX-d775367b0a28449ca05660778b ftp://ftp.hp.com/pub/softlib2/software1/sc-windows/p11160892/v98702
HP System Management Homepage v7.2.4.1 for Windows x64: http://www.hp.com/swpublishing/MTX-3a7aa5e233904ebe847a5e1555 ftp://ftp.hp.com/pub/softlib2/software1/sc-windows/p221526337/v98704
HP System Management Homepage v7.3.3.1 for Windows x86: http://www.hp.com/swpublishing/MTX-3395d737d98f42149125b9bb05 ftp://ftp.hp.com/pub/softlib2/software1/sc-windows/p11160892/v98696
HP System Management Homepage v7.3.3.1 for Windows x64: http://www.hp.com/swpublishing/MTX-e8076c2a35804685ad65b2b1ba ftp://ftp.hp.com/pub/softlib2/software1/sc-windows/p221526337/v98698
HP System Management Homepage v7.3.3.1 for Linux x86: http://www.hp.com/swpublishing/MTX-511c3e0b2f6f4f6bbc796fc619 ftp://ftp.hp.com/pub/softlib2/software1/pubsw-linux/p1980463820/v98694
HP System Management Homepage v7.3.3.1 for Linux x64: http://www.hp.com/swpublishing/MTX-bd9a1cf60e344c549c4888db93 ftp://ftp.hp.com/pub/softlib2/software1/pubsw-linux/p1507410135/v98693
NOTE: HP System Management Homepage v7.3.3.1 for Linux x86 still contains OpenSSL v1.0.0d. As long as all other products which SMH V7.3.3.1 for Linux x86 communicates with have been upgraded to the latest versions, it will not be vulnerable to the exploits described in CVE-2014-0224. OpenSSL is a 3rd party product that is embedded with some HP Software products. This bulletin notifies HP Software customers about products affected by this OpenSSL vulnerability. The impacted products appear in the list below are vulnerable due to embedding of OpenSSL standard release software.
HP Asset Manager / CloudSystem Chargeback v9.40 Install patch v9.40.P4
For Windows(en) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00376
For Windows(de) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00377
For Windows(es) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00378
For Windows(fr) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00379
For Windows(it) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00380
For Windows(ja) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00381
For Windows(ko) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00382
For Windows(nl) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00383
For Windows(pt) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00384
For Windows(ru) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00385
For Windows(zh) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00386
For Linux(en) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00387
For Linux(de) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00388
For Linux(es) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00389
For Linux(fr) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00390
For Linux(it) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00391
For Linux(ja) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00392
For Linux(ko) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00393
For Linux(nl) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00394
For Linux(pt) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00395
For Linux(ru) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00396
For Linux(zh) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00397
HP Asset Manager v9.41 Install patch v9.41.P1
For Windows(en) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00423
For windows(de) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00424
For Windows(es) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00425
For Windows(fr) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00426
For Windows(it) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00427
For Windows(ja) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00428
For Windows(ko) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00429
For Windows(nl) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00430
For Windows(pt) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00431
For Windows(ru) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00432
For Windows(zh) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00433
For Linux(en) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00434
For Linux(de) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00435
For Linux(es) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00436
For Linux(fr) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00437
For Linux(it) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00438
For Linux(ja) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00439
For Linux(ko) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00440
For Linux(nl) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00441
For Linux(pt) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00442
For Linux(ru) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00443
For Linux(zh) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00444
HP Asset Manager v9.3x Install patch v9.32.P2
For Windows(en) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00398
For Windows(de) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00399
For Windows(es) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00400
For Windows(fr) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00401
For Windows(it) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00402
For Windows(ja) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00403
For Windows(ko) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00404
For Windows(nl) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00405
For Windows(pt) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00406
For Windows(ru) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00407
For Windows(zh) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00408
For Linux(en) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00409
For Linux (de) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00410
For Linux (es) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00411
For Linux (fr) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00412
For Linux (it) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00413
For Linux (ja) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00414
For Linux (ko) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00415
For Linux (nl) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00416
For Linux (pt) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00417
For Linux (ru) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00418
For Linux (zh) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00419
For AIX ANSI (en de es fr it nl pt) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00420
For HPUX ANSI (en de es fr it nl pt) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00421
For Solaris ANSI (en de es fr it nl pt) http://support.openview.hp.com/selfsolve/document/LID/AMGR_00422
HP Asset Manager v5.2x upgrade to v9.41.P1
HISTORY Version:1 (rev.1) - 19 August 2014 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
ESA-2014-079: EMC Documentum Content Server Multiple Vulnerabilities
EMC Identifier: ESA-2014-079
CVE Identifier: See below for individual CVEs
Severity Rating: CVSS v2 Base Score: See below for individual CVSS score for each CVE
Affected products:
\x95 All EMC Documentum Content Server versions of 7.1 prior to P07
\x95 All EMC Documentum Content Server versions of 7.0
\x95 All EMC Documentum Content Server versions of 6.7 SP2 prior to P16
\x95 All EMC Documentum Content Server versions of 6.7 SP1
\x95 All EMC Documentum Content Server versions prior to 6.7 SP1
Summary:
EMC Documentum Content Server contains fixes for multiple vulnerabilities which also include vulnerabilities disclosed by the OpenSSL project on June 5, 2014 in OpenSSL.
Details: EMC Documentum Content Server may be susceptible to the following vulnerabilities:
\x95 Arbitrary Code Execution (CVE-2014-4618): Authenticated non-privileged users can potentially execute Documentum methods with higher level privileges (up to and including superuser privileges) due to improper authorization checks being performed on user-created system objects. CVSS v2 Base Score: 8.2 (AV:N/AC:M/Au:S/C:C/I:C/A:P)
\x95 DQL Injection (CVE-2014-2520): Certain DQL hints in EMC Documentum Content Server may be potentially exploited by an authenticated non-privileged malicious user to conduct DQL injection attacks and read the database contents. This issue only affects Content Server running on Oracle database. CVSS v2 Base Score: 6.3 (AV:N/AC:M/Au:S/C:C/I:N/A:N)
\x95 Information Disclosure (CVE-2014-2521): Authenticated non-privileged users are allowed to retrieve meta-data of unauthorized system objects due to improper authorization checks being performed on certain RPC commands in Content Server. CVSS v2 Base Score: 6.3 (AV:N/AC:M/Au:S/C:C/I:N/A:N)
\x95 Multiple OpenSSL vulnerabilities (See individual CVEs below and refer to NVD for each of their scores): SSL/TLS Man-in-the-middle (MITM) vulnerability (CVE-2014-0224) DTLS recursion flaw (CVE-2014-0221) DTLS invalid fragment vulnerability (CVE-2014-0195) SSL_MODE_RELEASE_BUFFERS NULL pointer deference (CVE-2014-0198) SSL_MODE_RELEASE_BUFFERS session injection or denial of service (CVE-2010-5298) Anonymous ECDH denial of service (CVE-2014-3470) FLUSH + RELOAD cache side-channel attack (CVE-2014-0076) For more information about these vulnerabilities, please visit the original OpenSSL advisory https://www.openssl.org/news/secadv_20140605.txt
Resolution: The following versions contain the resolution for these issues: \x95 EMC Documentum Content Server version 7.1 P07 and later \x95 EMC Documentum Content Server version 7.0: Hotfixes are available for Windows & Linux. Contact EMC Support to obtain them. For Solaris and AIX, contact EMC Support to open Hotfix requests. \x95 EMC Documentum Content Server version 6.7 SP2 P16 and later \x95 EMC Documentum Content Server version 6.7 SP1: Hotfixes are available for Windows & Linux. Contact EMC Support to obtain them. For Solaris and AIX, contact EMC Support to open Hotfix requests.
EMC recommends all customers to upgrade to one of the above versions at the earliest opportunity.
Link to remedies: Registered EMC Online Support customers can download patches and software from support.emc.com at: https://support.emc.com/downloads/2732_Documentum-Server
For Hotfix, contact EMC Support.
Read and use the information in this EMC Security Advisory to assist in avoiding any situation that might arise from the problems described herein. If you have any questions regarding this product alert, contact EMC Software Technical Support at 1-877-534-2867.
For an explanation of Severity Ratings, refer to EMC Knowledgebase solution emc218831. EMC recommends all customers take into account both the base score and any relevant temporal and environmental scores which may impact the potential severity associated with particular security vulnerability.
EMC Corporation distributes EMC Security Advisories, in order to bring to the attention of users of the affected EMC products, important security information. EMC recommends that all users determine the applicability of this information to their individual situations and take appropriate action. EMC disclaims all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages, so the foregoing limitation may not apply.
- Go to the HP Software Depot site at http://www.software.hp.com and search for "HP OneView". -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: Red Hat JBoss Enterprise Application Platform 5.2.0 security update Advisory ID: RHSA-2014:0630-01 Product: Red Hat JBoss Enterprise Application Platform Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-0630.html Issue date: 2014-06-05 CVE Names: CVE-2014-0224 =====================================================================
- Summary:
An update for Red Hat JBoss Enterprise Application Platform 5.2.0 that fixes one security issue is now available from the Red Hat Customer Portal.
The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.
- Description:
Red Hat JBoss Enterprise Application Platform is a platform for Java applications, which integrates the JBoss Application Server with JBoss Hibernate and JBoss Seam.
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.
It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server. (CVE-2014-0224)
Note: In order to exploit this flaw, both the server and the client must be using a vulnerable version of OpenSSL; the server must be using OpenSSL version 1.0.1 and above, and the client must be using any version of OpenSSL. Red Hat JBoss Enterprise Application Platform includes OpenSSL 0.9.8e, so this flaw is only exploitable when OpenSSL in JBoss EAP is used as a client, communicating with a vulnerable server running OpenSSL version 1.0.1 and above. For more information about this flaw, refer to: https://access.redhat.com/site/articles/904433
Red Hat would like to thank the OpenSSL project for reporting this issue. Upstream acknowledges KIKUCHI Masashi of Lepidum as the original reporter of this issue.
All users of Red Hat JBoss Enterprise Application Platform 5.2.0 as provided from the Red Hat Customer Portal are advised to apply this update. The JBoss server process must be restarted for this update to take effect.
- Solution:
The References section of this erratum contains a download link (you must log in to download the update). Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications (including all applications and configuration files).
- References:
https://www.redhat.com/security/data/cve/CVE-2014-0224.html https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/site/articles/904433 https://access.redhat.com/site/solutions/906533 https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=securityPatches&version=5.2.0
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "nec",
"version": null
},
{
"_id": null,
"model": "openssl",
"scope": "lt",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0m"
},
{
"_id": null,
"model": "openssl",
"scope": "lt",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8za"
},
{
"_id": null,
"model": "jboss enterprise web server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "2.0.1"
},
{
"_id": null,
"model": "mariadb",
"scope": "lt",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.0.13"
},
{
"_id": null,
"model": "python",
"scope": "gte",
"trust": 1.0,
"vendor": "python",
"version": "2.7.0"
},
{
"_id": null,
"model": "jboss enterprise application platform",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.2.0"
},
{
"_id": null,
"model": "cp1543-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "1.1.25"
},
{
"_id": null,
"model": "mariadb",
"scope": "gte",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.0.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "python",
"scope": "gte",
"trust": 1.0,
"vendor": "python",
"version": "3.4.0"
},
{
"_id": null,
"model": "openssl",
"scope": "gte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "jboss enterprise web platform",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.2.0"
},
{
"_id": null,
"model": "jboss enterprise application platform",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.2.3"
},
{
"_id": null,
"model": "python",
"scope": "lt",
"trust": 1.0,
"vendor": "python",
"version": "2.7.8"
},
{
"_id": null,
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "0.10.29"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "13.2"
},
{
"_id": null,
"model": "python",
"scope": "lt",
"trust": 1.0,
"vendor": "python",
"version": "3.4.2"
},
{
"_id": null,
"model": "openssl",
"scope": "gte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0"
},
{
"_id": null,
"model": "s7-1500",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "1.6"
},
{
"_id": null,
"model": "storage",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "19"
},
{
"_id": null,
"model": "server",
"scope": "lt",
"trust": 1.0,
"vendor": "filezilla",
"version": "0.9.45"
},
{
"_id": null,
"model": "application processing engine",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.0.2"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "13.1"
},
{
"_id": null,
"model": "rox",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "1.16.1"
},
{
"_id": null,
"model": "openssl",
"scope": "lt",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1h"
},
{
"_id": null,
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "20"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "bladecenter advanced management module 3.66e",
"scope": null,
"trust": 0.9,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmate",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian gnu linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fedora",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "global associates",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nvidia",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubuntu",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"_id": null,
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.3"
},
{
"_id": null,
"model": "chrome for android",
"scope": "ne",
"trust": 0.3,
"vendor": "google",
"version": "35.0.1916.141"
},
{
"_id": null,
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8800"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v210.1"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.6.1"
},
{
"_id": null,
"model": "computer telephony integration object server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "ace application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.470"
},
{
"_id": null,
"model": "project openssl 1.0.0g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1.3"
},
{
"_id": null,
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3"
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"_id": null,
"model": "9.1-release-p15",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"_id": null,
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"_id": null,
"model": "vpn client v100r001c02spc702",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "api management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"_id": null,
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "34.0"
},
{
"_id": null,
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1"
},
{
"_id": null,
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"_id": null,
"model": "manageone v100r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "big-ip psm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed ga level",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2.0"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "10.0-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"_id": null,
"model": "prime access registrar appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.6"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "tivoli netcool/system service monitor fp11",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"_id": null,
"model": "big-ip edge clients for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "x7101"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"_id": null,
"model": "agile controller v100r001c00spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.0h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "mds switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "smart update manager for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.3.5"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0"
},
{
"_id": null,
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.1"
},
{
"_id": null,
"model": "telepresence tx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2.2"
},
{
"_id": null,
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "cerberus",
"version": "7.0.0.2"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "big-ip edge clients for apple ios",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "2.0.3"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.40"
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"_id": null,
"model": "updatexpress system packs installer",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.61"
},
{
"_id": null,
"model": "usg5000 v300r001c10sph201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "big-ip psm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"_id": null,
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "project openssl 0.9.8y",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "asg2000 v100r001c10sph001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0"
},
{
"_id": null,
"model": "vsm v200r002c00spc503",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.4"
},
{
"_id": null,
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"_id": null,
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"_id": null,
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32200"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "s5900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"_id": null,
"model": "documentum content server p05",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"_id": null,
"model": "jabber video for telepresence",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"_id": null,
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.5"
},
{
"_id": null,
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0"
},
{
"_id": null,
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1"
},
{
"_id": null,
"model": "snapdrive for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"_id": null,
"model": "big-iq device",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"_id": null,
"model": "10.0-rc3-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"_id": null,
"model": "aura communication manager utility services sp",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.16.1.0.9.8"
},
{
"_id": null,
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3200"
},
{
"_id": null,
"model": "s2750\u0026s5700\u0026s6700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"_id": null,
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-453"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "blackberry enterprise service",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.1"
},
{
"_id": null,
"model": "9.2-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "advanced settings utility",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.60"
},
{
"_id": null,
"model": "9.1-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0.0"
},
{
"_id": null,
"model": "automation stratix",
"scope": "ne",
"trust": 0.3,
"vendor": "rockwell",
"version": "590015.6.3"
},
{
"_id": null,
"model": "nexus series fabric extenders",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20000"
},
{
"_id": null,
"model": "intelligencecenter",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.2"
},
{
"_id": null,
"model": "project openssl 1.0.1f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.0"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.2"
},
{
"_id": null,
"model": "documentum content server p02",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"_id": null,
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "oncommand workflow automation",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "desktop collaboration experience dx650",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "automation stratix",
"scope": "eq",
"trust": 0.3,
"vendor": "rockwell",
"version": "59000"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.00"
},
{
"_id": null,
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"_id": null,
"model": "telepresence system series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"_id": null,
"model": "tivoli workload scheduler for applications fp02",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4"
},
{
"_id": null,
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"_id": null,
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.0"
},
{
"_id": null,
"model": "telepresence ip gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "open systems snapvault 3.0.1p6",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.0"
},
{
"_id": null,
"model": "tivoli netcool/system service monitor fp13",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "9.3-beta1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7700"
},
{
"_id": null,
"model": "cloudburst",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2"
},
{
"_id": null,
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.0"
},
{
"_id": null,
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.1"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"_id": null,
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.6"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"_id": null,
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "ddos secure",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "5.14.1-1"
},
{
"_id": null,
"model": "9.3-beta1-p2",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"_id": null,
"model": "vsm v200r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "powervu d9190 comditional access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"_id": null,
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "10.0-release-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"_id": null,
"model": "softco v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "s2700\u0026s3700 v100r006c05+v100r06h",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "oceanstor s6800t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.1"
},
{
"_id": null,
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"_id": null,
"model": "big-ip psm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"_id": null,
"model": "telepresence mcu series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.9.3"
},
{
"_id": null,
"model": "asg2000 v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "idp 5.1r4",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gv1000",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "nac manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "smc2.0 v100r002c01b017sp17",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.6"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89450"
},
{
"_id": null,
"model": "icewall sso dfw",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"_id": null,
"model": "usg2000 v300r001c10sph201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3"
},
{
"_id": null,
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.0"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.00"
},
{
"_id": null,
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.2"
},
{
"_id": null,
"model": "enterprise content management system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"_id": null,
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"_id": null,
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.6"
},
{
"_id": null,
"model": "ecns600 v100r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "espace u19** v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.0c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"_id": null,
"model": "spa112 2-port phone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "universal small cell series software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.4.20"
},
{
"_id": null,
"model": "oceanstor s5600t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"_id": null,
"model": "toolscenter suite",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.53"
},
{
"_id": null,
"model": "unified communications series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"_id": null,
"model": "8.4-release-p12",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "netcool/system service monitor fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.014"
},
{
"_id": null,
"model": "tivoli management framework",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.1"
},
{
"_id": null,
"model": "big-ip edge clients for apple ios",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.0"
},
{
"_id": null,
"model": "security information and event management hf11",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.3.2"
},
{
"_id": null,
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.12"
},
{
"_id": null,
"model": "big-ip edge clients for apple ios",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.0.2"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura experience portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.1"
},
{
"_id": null,
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"_id": null,
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6.5"
},
{
"_id": null,
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.12"
},
{
"_id": null,
"model": "tivoli netcool/system service monitor fp9",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "svn2200 v200r001c01hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"_id": null,
"model": "usg9500 v300r001c01spc300",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"_id": null,
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"_id": null,
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"_id": null,
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.6"
},
{
"_id": null,
"model": "8.4-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"_id": null,
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"_id": null,
"model": "ecns610 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "9.2-release-p8",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.913"
},
{
"_id": null,
"model": "oceanstor s5600t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "espace iad v300r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"_id": null,
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-2"
},
{
"_id": null,
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.6.1"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"_id": null,
"model": "oceanstor s5800t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx4002",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "oceanstor s5800t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "icewall sso dfw r3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"_id": null,
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.7.0"
},
{
"_id": null,
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "big-ip edge clients for android",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "2.0.5"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.2"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.2"
},
{
"_id": null,
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"_id": null,
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9900"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"_id": null,
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.3"
},
{
"_id": null,
"model": "d9036 modular encoding platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "10.0-rc1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.0.92743"
},
{
"_id": null,
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"_id": null,
"model": "tivoli netcool/system service monitor fp7",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "tssc",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.15"
},
{
"_id": null,
"model": "icewall mcrp",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"_id": null,
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"_id": null,
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"_id": null,
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "31.0.1650.59"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "project openssl 0.9.8s",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "telepresence serial gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "elog v100r003c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "ata series analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1900"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.5"
},
{
"_id": null,
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.0.9.8"
},
{
"_id": null,
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89610"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"_id": null,
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.5"
},
{
"_id": null,
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"_id": null,
"model": "prime lan management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5"
},
{
"_id": null,
"model": "big-ip edge clients for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "7080"
},
{
"_id": null,
"model": "cms r17ac.h",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "3.1.1"
},
{
"_id": null,
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"_id": null,
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.0.10"
},
{
"_id": null,
"model": "ucs central",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip edge clients for apple ios",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "1.0.5"
},
{
"_id": null,
"model": "dynamic system analysis",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.60"
},
{
"_id": null,
"model": "s7700\u0026s9700 v200r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.3"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "1.0.6"
},
{
"_id": null,
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1768"
},
{
"_id": null,
"model": "nac guest server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "dsr-1000n 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "unity connection",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project metasploit framework",
"scope": "eq",
"trust": 0.3,
"vendor": "metasploit",
"version": "4.1.0"
},
{
"_id": null,
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.1"
},
{
"_id": null,
"model": "oceanstor s2200t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "icewall sso dfw r1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"_id": null,
"model": "security enterprise scanner",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"_id": null,
"model": "spa232d multi-line dect ata",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "policy center v100r003c00spc305",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v19.7"
},
{
"_id": null,
"model": "solaris",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.20.5.0"
},
{
"_id": null,
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"_id": null,
"model": "ios software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"_id": null,
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "ios xe software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32400"
},
{
"_id": null,
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"_id": null,
"model": "10.0-release-p5",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1"
},
{
"_id": null,
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413011.5"
},
{
"_id": null,
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"_id": null,
"model": "anyconnect secure mobility client for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "dsr-500n 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"_id": null,
"model": "video surveillance series ip camera",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40000"
},
{
"_id": null,
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "filenet system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "spa510 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "idp 4.1r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.5"
},
{
"_id": null,
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"_id": null,
"model": "usg9500 v200r001c01sph902",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "enterprise linux server eus 6.5.z",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1"
},
{
"_id": null,
"model": "prime performance manager for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"_id": null,
"model": "clustered data ontap antivirus connector",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2"
},
{
"_id": null,
"model": "s7700\u0026s9700 v200r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "87100"
},
{
"_id": null,
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"_id": null,
"model": "sterling file gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"_id": null,
"model": "s3900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.0.3"
},
{
"_id": null,
"model": "unified communications widgets click to call",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "softco v100r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "telepresence t series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"_id": null,
"model": "unified attendant console advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "cerberus",
"version": "7.0.0.1"
},
{
"_id": null,
"model": "proventia network security controller 1.0.3352m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v310.1"
},
{
"_id": null,
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10000"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.4"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "fastsetup",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.11"
},
{
"_id": null,
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32100"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-3"
},
{
"_id": null,
"model": "jabber for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.4"
},
{
"_id": null,
"model": "project openssl 0.9.8n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.14"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "operations analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"_id": null,
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.4"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"_id": null,
"model": "manageone v100r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"_id": null,
"model": "tivoli netcool/system service monitor fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "s7700\u0026s9700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"_id": null,
"model": "s6900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "ucs b-series servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"_id": null,
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"_id": null,
"model": "universal small cell series software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50003.4.2.0"
},
{
"_id": null,
"model": "cloudburst",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9"
},
{
"_id": null,
"model": "documentum content server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"_id": null,
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"_id": null,
"model": "security analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "7.0"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "77109.7"
},
{
"_id": null,
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "quantum policy suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.5"
},
{
"_id": null,
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"_id": null,
"model": "tivoli netcool/system service monitor fp10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "tssc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.0"
},
{
"_id": null,
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"_id": null,
"model": "telepresence mxp series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "blackberry enterprise service",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.2"
},
{
"_id": null,
"model": "infosphere balanced warehouse c4000",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.2"
},
{
"_id": null,
"model": "project metasploit framework",
"scope": "eq",
"trust": 0.3,
"vendor": "metasploit",
"version": "4.9.1"
},
{
"_id": null,
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.4"
},
{
"_id": null,
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70100"
},
{
"_id": null,
"model": "srg1200\u00262200\u00263200 v100r002c02spc800",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.5"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2"
},
{
"_id": null,
"model": "prime data center network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"_id": null,
"model": "infosphere balanced warehouse d5100",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "cc v200r001c31",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "s12700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "xenmobile app controller",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "2.10"
},
{
"_id": null,
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.0.10648"
},
{
"_id": null,
"model": "xenmobile app controller",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "2.9"
},
{
"_id": null,
"model": "oceanstor s5500t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"_id": null,
"model": "security information and event management hf3",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.1.4"
},
{
"_id": null,
"model": "documentum content server sp2 p13",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"_id": null,
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"_id": null,
"model": "icewall sso dfw r2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"_id": null,
"model": "agent desktop for cisco unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0"
},
{
"_id": null,
"model": "one-x client enablement services sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"_id": null,
"model": "s2750\u0026s5700\u0026s6700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "documentum content server sp2 p14",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.8.3"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"_id": null,
"model": "ecns600 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "web gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.2.1"
},
{
"_id": null,
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.3"
},
{
"_id": null,
"model": "jabber voice for iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "9.3-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "unified ip conference phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"_id": null,
"model": "project openssl 1.0.0e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"_id": null,
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"_id": null,
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "hardware management console release",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v77.8"
},
{
"_id": null,
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.5"
},
{
"_id": null,
"model": "8.4-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "infosphere balanced warehouse c3000",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx7800",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"_id": null,
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"_id": null,
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"_id": null,
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.2.0.9"
},
{
"_id": null,
"model": "puredata system for operational analytics a1791",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "dsm v100r002c05spc615",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "project openssl 0.9.8t",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "icewall sso certd r3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"_id": null,
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"_id": null,
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.5"
},
{
"_id": null,
"model": "paging server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.2"
},
{
"_id": null,
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"_id": null,
"model": "ace application control engine module ace20",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"_id": null,
"model": "hyperdp oceanstor n8500 v200r001c09",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"_id": null,
"model": "agent desktop for cisco unified contact center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11000"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"_id": null,
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"_id": null,
"model": "hyperdp v200r001c91spc201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "unified attendant console",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "dsr-500 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "s3900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "oceanstor s5600t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"_id": null,
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.3"
},
{
"_id": null,
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"_id": null,
"model": "ace application control engine module ace10",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v110.1"
},
{
"_id": null,
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"_id": null,
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp07",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4"
},
{
"_id": null,
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.1"
},
{
"_id": null,
"model": "manageone v100r002c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463011.5"
},
{
"_id": null,
"model": "esight-ewl v300r001c10spc300",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "ave2000 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "big-ip edge clients for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "7080"
},
{
"_id": null,
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"_id": null,
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp02",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "telepresence integrator c series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "8.4-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"_id": null,
"model": "usg9300 v200r001c01sph902",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "anyoffice v200r002c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "43000"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"_id": null,
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "13.10"
},
{
"_id": null,
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.0.0"
},
{
"_id": null,
"model": "9.1-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "usg9500 usg9500 v300r001c20",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "espace u2990 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "big-ip pem",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"_id": null,
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "telepresence isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32410"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2.3"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "telepresence ex series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "oceanstor s6800t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "manageone v100r001c02 spc901",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.2"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"_id": null,
"model": "oceanstor s2600t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "isoc v200r001c02spc202",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "9000"
},
{
"_id": null,
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"_id": null,
"model": "9.2-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "ons series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154000"
},
{
"_id": null,
"model": "unified intelligent contact management enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "anyconnect secure mobility client for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "9.1-release-p14",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3"
},
{
"_id": null,
"model": "aura system manager sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "policy center v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.0"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"_id": null,
"model": "colorqube ps",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "88704.76.0"
},
{
"_id": null,
"model": "updatexpress system packs installer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.60"
},
{
"_id": null,
"model": "video surveillance 4300e/4500e high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "smart update manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6.4.1"
},
{
"_id": null,
"model": "jabber video for ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip edge clients for apple ios",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "1.0.6"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.5"
},
{
"_id": null,
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.2"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"_id": null,
"model": "webex connect client for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "cognos planning fp3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"_id": null,
"model": "big-ip edge clients for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "x7080"
},
{
"_id": null,
"model": "softco v200r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.6"
},
{
"_id": null,
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "5.1"
},
{
"_id": null,
"model": "agile controller v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "nip2000\u00265000 v100r002c10hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "tapi service provider",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "3.1"
},
{
"_id": null,
"model": "telepresence isdn gw mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83210"
},
{
"_id": null,
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "smc2.0 v100r002c01b017sp16",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "blackberry link",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "1.2"
},
{
"_id": null,
"model": "physical access gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "session border controller enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89410"
},
{
"_id": null,
"model": "project openssl 0.9.8u",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "isoc v200r001c01spc101",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "5000"
},
{
"_id": null,
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"_id": null,
"model": "prime network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3.1"
},
{
"_id": null,
"model": "10.0-beta",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"_id": null,
"model": "documentum content server p06",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"_id": null,
"model": "project openssl 1.0.0d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "prime network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6"
},
{
"_id": null,
"model": "project openssl 1.0.1e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"_id": null,
"model": "isoc v200r001c00spc202",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "3000"
},
{
"_id": null,
"model": "one-x client enablement services sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "small business isa500 series integrated security appliances",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"_id": null,
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.28"
},
{
"_id": null,
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"_id": null,
"model": "systems insight manager 7.3.0a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"_id": null,
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"_id": null,
"model": "9.1-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "big-iq device",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"_id": null,
"model": "idp 4.1r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "usg9500 usg9500 v300r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "tandberg codian mse model",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83200"
},
{
"_id": null,
"model": "big-ip pem",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "uma v200r001c00spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"_id": null,
"model": "isoc v200r001c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "3000"
},
{
"_id": null,
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "eupp v100r001c10spc002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "project openssl 0.9.8m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "5.0"
},
{
"_id": null,
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "rational application developer for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "stunnel",
"scope": "ne",
"trust": 0.3,
"vendor": "stunnel",
"version": "5.02"
},
{
"_id": null,
"model": "flex system fc5022",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.0"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "oceanstor s5500t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "videoscape anyres live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"_id": null,
"model": "documentum content server p07",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"_id": null,
"model": "wag310g wireless-g adsl2+ gateway with voip",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.4"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"_id": null,
"model": "jabber for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "unified wireless ip phone series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "29200"
},
{
"_id": null,
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "ida pro",
"scope": "eq",
"trust": 0.3,
"vendor": "hex ray",
"version": "6.5"
},
{
"_id": null,
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "31.0"
},
{
"_id": null,
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"_id": null,
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"_id": null,
"model": "prime optical for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.2"
},
{
"_id": null,
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "icewall sso agent option",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.02007"
},
{
"_id": null,
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "documentum content server",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"_id": null,
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"_id": null,
"model": "smart call home",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "project openssl beta5",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0"
},
{
"_id": null,
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"_id": null,
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.0"
},
{
"_id": null,
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"_id": null,
"model": "big-ip afm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"_id": null,
"model": "ecns610 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.3"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"_id": null,
"model": "documentum content server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"_id": null,
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "18.0.1025308"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"_id": null,
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "32.0.1700.99"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.13"
},
{
"_id": null,
"model": "hardware management console release",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v77.9"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"_id": null,
"model": "8.4-release-p8",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "colorqube ps",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "85704.76.0"
},
{
"_id": null,
"model": "oceanstor s6800t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "33.0"
},
{
"_id": null,
"model": "project openssl 0.9.8m beta1",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "project openssl 0.9.8q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "manageone v100r002c10 spc320",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "svn2200 v200r001c01spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "rational application developer for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0.1"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "jabber software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-467"
},
{
"_id": null,
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"_id": null,
"model": "eupp v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gx6116",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13000"
},
{
"_id": null,
"model": "uma-db v2r1coospc101",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "security information and event management hf6",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.2.2"
},
{
"_id": null,
"model": "project openssl 0.9.8g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "telepresence exchange system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "usg9300 usg9300 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7"
},
{
"_id": null,
"model": "sterling file gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"_id": null,
"model": "oncommand unified manager core package 5.2.1p1",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7600-"
},
{
"_id": null,
"model": "blackberry enterprise service",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.3"
},
{
"_id": null,
"model": "espace u2990 v200r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"_id": null,
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"_id": null,
"model": "9.1-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "dsr-1000n rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "svn5500 v200r001c01spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.2.0.1055"
},
{
"_id": null,
"model": "tivoli netcool/system service monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"_id": null,
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.2"
},
{
"_id": null,
"model": "jabber voice for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "onepk all-in-one vm",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "idp 4.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "tivoli netcool/system service monitor fp6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "8.4-rc1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "isoc v200r001c02",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "9000"
},
{
"_id": null,
"model": "aura system manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "lotus foundations start",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2"
},
{
"_id": null,
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.1"
},
{
"_id": null,
"model": "10.0-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"_id": null,
"model": "ddos secure",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"_id": null,
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"_id": null,
"model": "fortiap",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"_id": null,
"model": "tivoli workload scheduler for applications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"_id": null,
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"_id": null,
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "webex messenger service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "hardware management console release",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v77.7"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"_id": null,
"model": "big-ip afm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8x"
},
{
"_id": null,
"model": "logcenter v200r003c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "dynamic system analysis",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.61"
},
{
"_id": null,
"model": "telepresence supervisor mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "80500"
},
{
"_id": null,
"model": "big-ip edge clients for android",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "1.0.0"
},
{
"_id": null,
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"_id": null,
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"_id": null,
"model": "s7700\u0026s9700 v200r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "application networking manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "oceanstor s2600t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "project openssl 1.0.1h",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"_id": null,
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.3"
},
{
"_id": null,
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.10"
},
{
"_id": null,
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.0.2354"
},
{
"_id": null,
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.1"
},
{
"_id": null,
"model": "project openssl 1.0.0f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99710"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "cerberus",
"version": "7.0.0.3"
},
{
"_id": null,
"model": "ata analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1870"
},
{
"_id": null,
"model": "project openssl 1.0.0b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.1"
},
{
"_id": null,
"model": "expressway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "57100"
},
{
"_id": null,
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"_id": null,
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1209"
},
{
"_id": null,
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"_id": null,
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1.2"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"_id": null,
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"_id": null,
"model": "security information and event management ga",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.4.0"
},
{
"_id": null,
"model": "8.4-beta1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "tsm v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-1"
},
{
"_id": null,
"model": "usg9500 v300r001c20sph102",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "big-ip edge clients for android",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.0.4"
},
{
"_id": null,
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "asa cx context-aware security",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project openssl 1.0.1d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.5"
},
{
"_id": null,
"model": "unified im and presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gv200",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "elog v100r003c01spc503",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "hardware management console release",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v77.6"
},
{
"_id": null,
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3100"
},
{
"_id": null,
"model": "s5900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "s6900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"_id": null,
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"_id": null,
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"_id": null,
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"_id": null,
"model": "fusionsphere v100r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "tsm v100r002c07spc219",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"_id": null,
"model": "espace iad v300r002c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "documentum content server sp1 p28",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-10",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.5"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.0"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1.0.9"
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "s2750\u0026s5700\u0026s6700 v200r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"_id": null,
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53003.0"
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"_id": null,
"model": "unified series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79000"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "aura experience portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "tivoli netcool/system service monitor fp3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "hyperdp v200r001c09spc501",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "toolscenter suite",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.52"
},
{
"_id": null,
"model": "telepresence",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13100"
},
{
"_id": null,
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"_id": null,
"model": "project openssl 1.0.1b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.0k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "aura system platform sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "project metasploit framework",
"scope": "ne",
"trust": 0.3,
"vendor": "metasploit",
"version": "4.9.3"
},
{
"_id": null,
"model": "usg2000 v300r001c10spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "aura conferencing",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "project metasploit framework",
"scope": "eq",
"trust": 0.3,
"vendor": "metasploit",
"version": "4.9.2"
},
{
"_id": null,
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.5"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "aura system platform sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"_id": null,
"model": "10.0-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.7"
},
{
"_id": null,
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10500"
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "8.4-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "operations analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"_id": null,
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.6"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "blackberry enterprise service",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.2.0"
},
{
"_id": null,
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.1"
},
{
"_id": null,
"model": "unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"_id": null,
"model": "svn5500 v200r001c01hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"_id": null,
"model": "8.4-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "agent desktop for cisco unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "oceanstor s5500t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "telepresence profile series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "espace iad v300r001c07",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"_id": null,
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.5"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "dsr-1000 rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.4"
},
{
"_id": null,
"model": "documentum content server sp2 p16",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"_id": null,
"model": "project openssl 1.0.0a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"_id": null,
"model": "proactive network operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"_id": null,
"model": "algo audit and compliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.2"
},
{
"_id": null,
"model": "project openssl 0.9.8f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "big-ip pem",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "ip video phone e20",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "blackberry enterprise service",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.2.6"
},
{
"_id": null,
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"_id": null,
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "mate products",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.9"
},
{
"_id": null,
"model": "srg1200\u00262200\u00263200 v100r002c02hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx3002",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "56000"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "8.4-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "77009.7"
},
{
"_id": null,
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "s2750\u0026s5700\u0026s6700 v200r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"_id": null,
"model": "espace u19** v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "content security management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.1"
},
{
"_id": null,
"model": "uma v200r001c00spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"_id": null,
"model": "telepresence content server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "oceanstor s6800t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "aura system platform sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "project openssl 0.9.8w",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44000"
},
{
"_id": null,
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"_id": null,
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"_id": null,
"model": "project openssl 1.0.1g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "big-ip edge clients for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "7101"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4"
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.6"
},
{
"_id": null,
"model": "ips",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "espace usm v100r001 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"_id": null,
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5"
},
{
"_id": null,
"model": "tivoli netcool/system service monitor fp12",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"_id": null,
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"_id": null,
"model": "nexus switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "31640"
},
{
"_id": null,
"model": "fusionsphere v100r003c10spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "telepresence advanced media gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"_id": null,
"model": "security analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.0"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0"
},
{
"_id": null,
"model": "smc2.0 v100r002c01b025sp07",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "s2700\u0026s3700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "project openssl 0.9.8r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "espace cc v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "isoc v200r001c01",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "5000"
},
{
"_id": null,
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"_id": null,
"model": "project openssl beta4",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0"
},
{
"_id": null,
"model": "esight-ewl v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "hyperdp oceanstor n8500 v200r001c91",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.11"
},
{
"_id": null,
"model": "project openssl 1.0.0l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "9.1-release-p12",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "oic v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.3"
},
{
"_id": null,
"model": "icewall sso dfw certd",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"_id": null,
"model": "spa300 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5"
},
{
"_id": null,
"model": "project openssl 0.9.8p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "telepresence isdn link",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "3.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.4"
},
{
"_id": null,
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"_id": null,
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.2"
},
{
"_id": null,
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.1"
},
{
"_id": null,
"model": "virtualization experience media engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "jabber im for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "small cell factory recovery root filesystem",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.99.4"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "cerberus",
"version": "7.0"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.4"
},
{
"_id": null,
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"_id": null,
"model": "espace vtm v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "spa122 ata with router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"_id": null,
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.00"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "32.0"
},
{
"_id": null,
"model": "spa525 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "data ontap smi-s agent",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.4.0.15"
},
{
"_id": null,
"model": "advanced settings utility",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.52"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8v"
},
{
"_id": null,
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.0"
},
{
"_id": null,
"model": "oncommand workflow automation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"_id": null,
"model": "algo audit and compliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "espace u2980 v100r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.4"
},
{
"_id": null,
"model": "identity service engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "9.2-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "s12700 v200r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "8.4-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp04",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "oceanstor s2200t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0"
},
{
"_id": null,
"model": "s2900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v39.7"
},
{
"_id": null,
"model": "open source security information management",
"scope": "ne",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.10"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"_id": null,
"model": "usg5000 v300r001c10spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.9"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.1.5.1"
},
{
"_id": null,
"model": "stunnel",
"scope": "eq",
"trust": 0.3,
"vendor": "stunnel",
"version": "5.00"
},
{
"_id": null,
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"_id": null,
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.5.0.15"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0.4"
},
{
"_id": null,
"model": "s5900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "esight v2r3c10spc201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.0"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.4"
},
{
"_id": null,
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "project openssl 0.9.8l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "big-ip afm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"_id": null,
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "s3900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "anyoffice emm",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "2.6.0601.0090"
},
{
"_id": null,
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "tssc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.12"
},
{
"_id": null,
"model": "ssl for openvms",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-476"
},
{
"_id": null,
"model": "project openssl 1.0.0i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"_id": null,
"model": "usg9500 usg9500 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "tssc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"_id": null,
"model": "s2750\u0026s5700\u0026s6700 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.3"
},
{
"_id": null,
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"_id": null,
"model": "prime network services controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "oic v100r001c00spc402",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "documentum content server",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.0"
},
{
"_id": null,
"model": "icewall sso dfw",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"_id": null,
"model": "s7700\u0026s9700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1x8664"
},
{
"_id": null,
"model": "dsr-1000 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.10"
},
{
"_id": null,
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "1.0.4"
},
{
"_id": null,
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.2"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "vtm v100r001c30",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "oceanstor s5500t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.4.1"
},
{
"_id": null,
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"_id": null,
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99510"
},
{
"_id": null,
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"_id": null,
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "espace u2980 v100r001 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "cloudburst",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "tivoli netcool/system service monitor fp8",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.0"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"_id": null,
"model": "8.4-rc2-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.2"
},
{
"_id": null,
"model": "spa500 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "20500"
},
{
"_id": null,
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.1"
},
{
"_id": null,
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.1.5.2"
},
{
"_id": null,
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.0.1880"
},
{
"_id": null,
"model": "8.4-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "telepresence ip vcr series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "telepresence sx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "documentum content server sp1 p26",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"_id": null,
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "18.0"
},
{
"_id": null,
"model": "tivoli netcool/system service monitor fp4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "project openssl 1.0.0j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "eupp v100r001c01spc101",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "ecns600 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"_id": null,
"model": "oceanstor s2600t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-471"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v29.7"
},
{
"_id": null,
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.3"
},
{
"_id": null,
"model": "aura presence services sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"_id": null,
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "ave2000 v100r001c00sph001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"_id": null,
"model": "tivoli netcool/system service monitor fp5",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "documentum content server sp2 p15",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"_id": null,
"model": "tivoli workload scheduler for applications fp01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "9.2-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"_id": null,
"model": "10.0-rc2-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.13"
},
{
"_id": null,
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"_id": null,
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"_id": null,
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.5"
},
{
"_id": null,
"model": "nac appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "vpn client v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "metro ethernet series access devices",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12000"
},
{
"_id": null,
"model": "prime network",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "5"
},
{
"_id": null,
"model": "blackberry enterprise service",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.0"
},
{
"_id": null,
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"_id": null,
"model": "prime infrastructure",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"_id": null,
"model": "ace application control engine appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "stunnel",
"scope": "eq",
"trust": 0.3,
"vendor": "stunnel",
"version": "5.01"
},
{
"_id": null,
"model": "tivoli network manager ip edition fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.94"
},
{
"_id": null,
"model": "project openssl 1.0.0m",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "dsr-500n rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "ios xr software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413011.5"
},
{
"_id": null,
"model": "nip2000\u00265000 v100r002c10spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.8.0"
},
{
"_id": null,
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"_id": null,
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "33.0.1750.166"
},
{
"_id": null,
"model": "eupp v100r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0.3"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "dsr-500 rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "project openssl 0.9.8o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "oceanstor s5800t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1"
},
{
"_id": null,
"model": "jabber for mac",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"_id": null,
"model": "unified series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69000"
},
{
"_id": null,
"model": "tivoli netcool/system service monitor fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "oceanstor s5600t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"_id": null,
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"_id": null,
"model": "unified communications manager session management edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "video surveillance ptz ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "snapdrive for unix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"_id": null,
"model": "big-ip edge clients for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "7101"
},
{
"_id": null,
"model": "9.1-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "security module for cisco network registar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"_id": null,
"model": "project openssl 0.9.8za",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"_id": null,
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-320"
},
{
"_id": null,
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "35.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "s6900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "proventia network security controller 1.0.3350m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "big-ip edge clients for apple ios",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.0.1"
},
{
"_id": null,
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "dsm v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "telepresence mx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "css series content services switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "115000"
},
{
"_id": null,
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-370"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp04",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "oceanstor s5800t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "web gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.10"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-05",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "icewall mcrp",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0"
},
{
"_id": null,
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"_id": null,
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"_id": null,
"model": "s7700\u0026s9700 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "9.3-beta1",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "security analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "7.1"
},
{
"_id": null,
"model": "espace usm v100r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#978508"
},
{
"db": "BID",
"id": "67901"
},
{
"db": "NVD",
"id": "CVE-2014-0224"
}
]
},
"credits": {
"_id": null,
"data": "HP",
"sources": [
{
"db": "PACKETSTORM",
"id": "127386"
},
{
"db": "PACKETSTORM",
"id": "128156"
},
{
"db": "PACKETSTORM",
"id": "127607"
},
{
"db": "PACKETSTORM",
"id": "127362"
},
{
"db": "PACKETSTORM",
"id": "127937"
},
{
"db": "PACKETSTORM",
"id": "127469"
}
],
"trust": 0.6
},
"cve": "CVE-2014-0224",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2014-0224",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"availabilityRequirement": "LOW",
"baseScore": 6.4,
"collateralDamagePotential": "HIGH",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "HIGH",
"enviromentalScore": 8.1,
"exploitability": "PROOF-OF-CONCEPT",
"exploitabilityScore": 5.5,
"id": "CVE-2014-0224",
"impactScore": 7.8,
"integrityImpact": "PARTIAL",
"integrityRequirement": "MEDIUM",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "OFFICIAL FIX",
"reportConfidence": "CONFIRMED",
"severity": "MEDIUM",
"targetDistribution": "HIGH",
"trust": 0.8,
"userInteractionRequired": null,
"vector_string": "AV:A/AC:M/Au:N/C:C/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"id": "CVE-2014-0224",
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-0224",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-0224",
"trust": 0.8,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2014-0224",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#978508"
},
{
"db": "VULMON",
"id": "CVE-2014-0224"
},
{
"db": "NVD",
"id": "CVE-2014-0224"
}
]
},
"description": {
"_id": null,
"data": "OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the \"CCS Injection\" vulnerability. OpenSSL is vulnerable to a man-in-the-middle attack. \nAn attacker can exploit this issue to crash the affected application, denying service to legitimate users. \n\nHP IceWall SSO Dfw and MCRP\n\nIf possible, do not use SHOST setting which allows IceWall SSO Dfw or MCRP to\nuse SSL/TLS for back-end web server connection. \n\nHP IceWall SSO Dfw Certd\n\nIf possible, set LDAPSSL to 0 to make HP SSO IceWall Certd to not use SSL/TLS\non any connection with LDAP server. \n\nReferences: CVE-2014-0224, SSRT101656\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP BladeSystem c-Class Virtual Connect Firmware prior to v4.30. \n\nHP BladeSystem c-Class Virtual Connect Firmware v4.30 is available at the\nfollowing download location:\n\nhttp://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/psi/swdDetail\ns/?javax.portlet.begCacheTok=com.vignette.cachetoken\u0026javax.portlet.endCacheTo\nk=com.vignette.cachetoken\u0026javax.portlet.prp_bd9b6997fbc7fc515f4cf4626f5c8d01=\nwsrp-navigationalState%3Didx%253D%257CswItem%253DMTX_52c1d36ae30d4630bbf60592\nab%257CswEnvOID%253D2078%257CitemLocale%253D%257CswLang%253D%257Cmode%253D%25\n7Caction%253DdriverDocument\u0026javax.portlet.tpst=bd9b6997fbc7fc515f4cf4626f5c8d\n01\u0026sp4ts.oid=3884114\u0026ac.admitted=1406807633194.876444892.199480143\n\nNOTE: The Virtual Connect Manager software is an OpenSSL client when it\ncommunicates with Onboard Administrator, Virtual Connect Fiber Channel\nmodules, and LDAP servers. There is no plan to update either Virtual Connect\nv3.61 or v4.01. Please ensure that\nall LDAP servers with which these products communicate are secure and that\nthe latest version of Onboard Administrator is installed. The Virtual Connect\nFiber Channel module does not have a vulnerable OpenSSL server. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c04378799\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c04378799\nVersion: 1\n\nHPSBMU03074 rev.1 - HP Insight Control server migration on Linux and Windows\nrunning OpenSSL, Remote Denial of Service (DoS), Code Execution, Unauthorized\nAccess, Disclosure of Information\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2014-07-23\nLast Updated: 2014-07-23\n\nPotential Security Impact: Remote denial of service (DoS), code execution,\nunauthorized access, disclosure of information\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP Insight\nControl server migration running on Linux and Windows which could be\nexploited remotely resulting in denial of service (DoS), code execution,\nunauthorized access, or disclosure of information. \n\nReferences:\n\nCVE-2010-5298 Remote Denial of Service\nCVE-2014-0076 Unauthorized Disclosure of Information\nCVE-2014-0195 Remote Unauthorized Access\nCVE-2014-0198 Remote Denial of Service\nCVE-2014-0221 Remote Denial of Service (DoS)\nCVE-2014-0224 Remote Unauthorized Access or Disclosure of Information\nCVE-2014-3470 Remote Code Execution or Unauthorized Access\nSSRT101647\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP Insight Control server migration v7.2.2, v7.3, v7.3.1, and v7.3.2\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2010-5298 (AV:N/AC:H/Au:N/C:N/I:P/A:P) 4.0\nCVE-2014-0076 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2014-0195 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2014-0198 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2014-0221 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2014-0224 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2014-3470 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided the following updates to v7.3.2 of HP Insight Control server\nmigration to resolve these vulnerabilities by upgrading to version 7.3.3. \nPlease note that version 7.3.3 of HP Insight Control server migration is\nincluded on the HP Insight Management 7.3 Update 2 DVD. \n\nHP has provided the installation binaries for download from the following web\nsite by using the Receive for free option:\n\nhttp://h18013.www1.hp.com/products/servers/management/fpdownload.html\n\nCustomers using HP Insight Control server migration v7.2.2 must first upgrade\nfrom v7.2.2 to v7.3 by using the HP Insight Management v7.3 DVD, and then\nupgrade to v7.3.3 by using the HP Insight Management v7.3 Update 2 DVD. \n\nCustomers running HP Insight Control server migration v7.3, v7.3.1, or\nv7.3.2, can use the HP Insight Control server migration v7.3 Update 2 DVD to\ncomplete the upgrade. \n\nFor more information on the upgrade process, please refer to the HP Insight\nManagement Installation and Upgrade Guide and Release notes, which are\navailable at the following location:\n\nhttp://h17007.www1.hp.com/us/en/enterprise/servers/solutions/info-library/ind\nex.aspx?cat=insightmanagement\n\nNOTE: The upgrade paths described above update the entire HP Insight Control\nsoftware stack. To upgrade HP Insight Control server migration only, complete\nthe following steps:\n\nCopy \"hpsmp.exe\" to the local machine from the HP Insight Management v7.3.0\nUpdate 2 DVD ISO. Create batch file with the following commands:\n@echo off\nhpsmp.exe /verysilent /SVCPATCH=Install_Through_Patch\nCopy the batch file to the folder where \"hpsmp.exe\" normally resides on the\ntarget system. \nDouble click on the batch file. \nThe HP Insight Control server migration installation starts in a command\nprompt. \nThe command prompt closes when the installation finishes. \nAfter the installation completes it creates a log file (ICmigr.log) and an\noutput file (ICmigroutput.xml) on the target system. \nDo not close or click on the command prompt while the process is completing. \nDo not run the command prompt in the background. \n\nHISTORY\nVersion:1 (rev.1) - 23 July 2014 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2014 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.13 (GNU/Linux)\n\niEYEARECAAYFAlPPv38ACgkQ4B86/C0qfVmWsACgvg3ZBSYc1uQDUvMq71r7LLsR\nZUUAnjwnaUdNhtgUmVoIOUaKjKyQIHsM\n=pNB+\n-----END PGP SIGNATURE-----\n. \nHP System Management Homepage versions 7.3.2 and earlier for Linux and\nWindows. HP System Management Homepage v7.2.4.1 is available for\nWindows 2003 only. \n\nHP System Management Homepage v7.2.4.1 for Windows x86:\nhttp://www.hp.com/swpublishing/MTX-d775367b0a28449ca05660778b\nftp://ftp.hp.com/pub/softlib2/software1/sc-windows/p11160892/v98702\n\nHP System Management Homepage v7.2.4.1 for Windows x64:\nhttp://www.hp.com/swpublishing/MTX-3a7aa5e233904ebe847a5e1555\nftp://ftp.hp.com/pub/softlib2/software1/sc-windows/p221526337/v98704\n\nHP System Management Homepage v7.3.3.1 for Windows x86:\nhttp://www.hp.com/swpublishing/MTX-3395d737d98f42149125b9bb05\nftp://ftp.hp.com/pub/softlib2/software1/sc-windows/p11160892/v98696\n\nHP System Management Homepage v7.3.3.1 for Windows x64:\nhttp://www.hp.com/swpublishing/MTX-e8076c2a35804685ad65b2b1ba\nftp://ftp.hp.com/pub/softlib2/software1/sc-windows/p221526337/v98698\n\nHP System Management Homepage v7.3.3.1 for Linux x86:\nhttp://www.hp.com/swpublishing/MTX-511c3e0b2f6f4f6bbc796fc619\nftp://ftp.hp.com/pub/softlib2/software1/pubsw-linux/p1980463820/v98694\n\nHP System Management Homepage v7.3.3.1 for Linux x64:\nhttp://www.hp.com/swpublishing/MTX-bd9a1cf60e344c549c4888db93\nftp://ftp.hp.com/pub/softlib2/software1/pubsw-linux/p1507410135/v98693\n\nNOTE: HP System Management Homepage v7.3.3.1 for Linux x86 still contains\nOpenSSL v1.0.0d. As long as all other products which SMH V7.3.3.1 for Linux\nx86 communicates with have been upgraded to the latest versions, it will not\nbe vulnerable to the exploits described in CVE-2014-0224. OpenSSL\nis a 3rd party product that is embedded with some HP Software products. This\nbulletin notifies HP Software customers about products affected by this\nOpenSSL vulnerability. The impacted products appear in the list below\nare vulnerable due to embedding of OpenSSL standard release software. \n\nHP Asset Manager / CloudSystem Chargeback v9.40\n Install patch v9.40.P4\n\nFor Windows(en)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00376\n\nFor Windows(de)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00377\n\nFor Windows(es)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00378\n\nFor Windows(fr)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00379\n\nFor Windows(it)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00380\n\nFor Windows(ja)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00381\n\nFor Windows(ko)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00382\n\nFor Windows(nl)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00383\n\nFor Windows(pt)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00384\n\nFor Windows(ru)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00385\n\nFor Windows(zh)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00386\n\nFor Linux(en)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00387\n\nFor Linux(de)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00388\n\nFor Linux(es)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00389\n\nFor Linux(fr)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00390\n\nFor Linux(it)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00391\n\nFor Linux(ja)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00392\n\nFor Linux(ko)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00393\n\nFor Linux(nl)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00394\n\nFor Linux(pt)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00395\n\nFor Linux(ru)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00396\n\nFor Linux(zh)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00397\n\nHP Asset Manager v9.41\n Install patch v9.41.P1\n\nFor Windows(en)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00423\n\nFor windows(de)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00424\n\nFor Windows(es)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00425\n\nFor Windows(fr)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00426\n\nFor Windows(it)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00427\n\nFor Windows(ja)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00428\n\nFor Windows(ko)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00429\n\nFor Windows(nl)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00430\n\nFor Windows(pt)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00431\n\nFor Windows(ru)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00432\n\nFor Windows(zh)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00433\n\nFor Linux(en)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00434\n\nFor Linux(de)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00435\n\nFor Linux(es)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00436\n\nFor Linux(fr)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00437\n\nFor Linux(it)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00438\n\nFor Linux(ja)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00439\n\nFor Linux(ko)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00440\n\nFor Linux(nl)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00441\n\nFor Linux(pt)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00442\n\nFor Linux(ru)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00443\n\nFor Linux(zh)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00444\n\nHP Asset Manager v9.3x\n Install patch v9.32.P2\n\nFor Windows(en)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00398\n\nFor Windows(de)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00399\n\nFor Windows(es)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00400\n\nFor Windows(fr)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00401\n\nFor Windows(it)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00402\n\nFor Windows(ja)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00403\n\nFor Windows(ko)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00404\n\nFor Windows(nl)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00405\n\nFor Windows(pt)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00406\n\nFor Windows(ru)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00407\n\nFor Windows(zh)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00408\n\nFor Linux(en)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00409\n\nFor Linux (de)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00410\n\nFor Linux (es)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00411\n\nFor Linux (fr)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00412\n\nFor Linux (it)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00413\n\nFor Linux (ja)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00414\n\nFor Linux (ko)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00415\n\nFor Linux (nl)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00416\n\nFor Linux (pt)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00417\n\nFor Linux (ru)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00418\n\nFor Linux (zh)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00419\n\nFor AIX ANSI (en de es fr it nl pt)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00420\n\nFor HPUX ANSI (en de es fr it nl pt)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00421\n\nFor Solaris ANSI (en de es fr it nl pt)\n http://support.openview.hp.com/selfsolve/document/LID/AMGR_00422\n\nHP Asset Manager v5.2x\n upgrade to v9.41.P1\n\nHISTORY\nVersion:1 (rev.1) - 19 August 2014 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nESA-2014-079: EMC Documentum Content Server Multiple Vulnerabilities \n\nEMC Identifier: ESA-2014-079\n\nCVE Identifier: See below for individual CVEs\n\nSeverity Rating: CVSS v2 Base Score: See below for individual CVSS score for each CVE\n\nAffected products: \n\\x95\tAll EMC Documentum Content Server versions of 7.1 prior to P07\n\\x95\tAll EMC Documentum Content Server versions of 7.0\n\\x95\tAll EMC Documentum Content Server versions of 6.7 SP2 prior to P16\n\\x95\tAll EMC Documentum Content Server versions of 6.7 SP1\n\\x95\tAll EMC Documentum Content Server versions prior to 6.7 SP1\n \nSummary: \nEMC Documentum Content Server contains fixes for multiple vulnerabilities which also include vulnerabilities disclosed by the OpenSSL project on June 5, 2014 in OpenSSL. \n\nDetails: \nEMC Documentum Content Server may be susceptible to the following vulnerabilities:\n\n\\x95\tArbitrary Code Execution (CVE-2014-4618):\nAuthenticated non-privileged users can potentially execute Documentum methods with higher level privileges (up to and including superuser privileges) due to improper authorization checks being performed on user-created system objects. \nCVSS v2 Base Score: 8.2 (AV:N/AC:M/Au:S/C:C/I:C/A:P)\n\n\\x95\tDQL Injection (CVE-2014-2520):\nCertain DQL hints in EMC Documentum Content Server may be potentially exploited by an authenticated non-privileged malicious user to conduct DQL injection attacks and read the database contents. This issue only affects Content Server running on Oracle database. \nCVSS v2 Base Score: 6.3 (AV:N/AC:M/Au:S/C:C/I:N/A:N)\n\n\\x95\tInformation Disclosure (CVE-2014-2521):\nAuthenticated non-privileged users are allowed to retrieve meta-data of unauthorized system objects due to improper authorization checks being performed on certain RPC commands in Content Server. \nCVSS v2 Base Score: 6.3 (AV:N/AC:M/Au:S/C:C/I:N/A:N)\n\n\\x95\tMultiple OpenSSL vulnerabilities (See individual CVEs below and refer to NVD for each of their scores):\n\tSSL/TLS Man-in-the-middle (MITM) vulnerability (CVE-2014-0224)\n\tDTLS recursion flaw (CVE-2014-0221)\n\tDTLS invalid fragment vulnerability (CVE-2014-0195)\n\tSSL_MODE_RELEASE_BUFFERS NULL pointer deference (CVE-2014-0198)\n\tSSL_MODE_RELEASE_BUFFERS session injection or denial of service (CVE-2010-5298)\n\tAnonymous ECDH denial of service (CVE-2014-3470)\n\tFLUSH + RELOAD cache side-channel attack (CVE-2014-0076)\nFor more information about these vulnerabilities, please visit the original OpenSSL advisory https://www.openssl.org/news/secadv_20140605.txt \n\nResolution: \nThe following versions contain the resolution for these issues: \n\\x95\tEMC Documentum Content Server version 7.1 P07 and later\n\\x95\tEMC Documentum Content Server version 7.0: Hotfixes are available for Windows \u0026 Linux. Contact EMC Support to obtain them. For Solaris and AIX, contact EMC Support to open Hotfix requests. \n\\x95\tEMC Documentum Content Server version 6.7 SP2 P16 and later\n\\x95\tEMC Documentum Content Server version 6.7 SP1: Hotfixes are available for Windows \u0026 Linux. Contact EMC Support to obtain them. For Solaris and AIX, contact EMC Support to open Hotfix requests. \n\nEMC recommends all customers to upgrade to one of the above versions at the earliest opportunity. \n\nLink to remedies:\nRegistered EMC Online Support customers can download patches and software from support.emc.com at: https://support.emc.com/downloads/2732_Documentum-Server\n\nFor Hotfix, contact EMC Support. \n\n\n\nRead and use the information in this EMC Security Advisory to assist in avoiding any situation that might arise from the problems described herein. If you have any questions regarding this product alert, contact EMC Software Technical Support at 1-877-534-2867. \n\nFor an explanation of Severity Ratings, refer to EMC Knowledgebase solution emc218831. EMC recommends all customers take into account both the base score and any relevant temporal and environmental scores which may impact the potential severity associated with particular security vulnerability. \n\nEMC Corporation distributes EMC Security Advisories, in order to bring to the attention of users of the affected EMC products, important security information. EMC recommends that all users determine the applicability of this information to their individual situations and take appropriate action. EMC disclaims all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages, so the foregoing limitation may not apply. \n\n - Go to the HP Software Depot site at http://www.software.hp.com and search\nfor \"HP OneView\". -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: Red Hat JBoss Enterprise Application Platform 5.2.0 security update\nAdvisory ID: RHSA-2014:0630-01\nProduct: Red Hat JBoss Enterprise Application Platform\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2014-0630.html\nIssue date: 2014-06-05\nCVE Names: CVE-2014-0224 \n=====================================================================\n\n1. Summary:\n\nAn update for Red Hat JBoss Enterprise Application Platform 5.2.0 that\nfixes one security issue is now available from the Red Hat Customer Portal. \n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from the\nCVE link in the References section. \n\n2. Description:\n\nRed Hat JBoss Enterprise Application Platform is a platform for Java\napplications, which integrates the JBoss Application Server with JBoss\nHibernate and JBoss Seam. \n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library. \n\nIt was found that OpenSSL clients and servers could be forced, via a\nspecially crafted handshake packet, to use weak keying material for\ncommunication. A man-in-the-middle attacker could use this flaw to decrypt\nand modify traffic between a client and a server. (CVE-2014-0224)\n\nNote: In order to exploit this flaw, both the server and the client must be\nusing a vulnerable version of OpenSSL; the server must be using OpenSSL\nversion 1.0.1 and above, and the client must be using any version of\nOpenSSL. Red Hat JBoss Enterprise Application Platform includes OpenSSL\n0.9.8e, so this flaw is only exploitable when OpenSSL in JBoss EAP is used\nas a client, communicating with a vulnerable server running OpenSSL version\n1.0.1 and above. For more information about this flaw, refer to:\nhttps://access.redhat.com/site/articles/904433\n\nRed Hat would like to thank the OpenSSL project for reporting this issue. \nUpstream acknowledges KIKUCHI Masashi of Lepidum as the original reporter\nof this issue. \n\nAll users of Red Hat JBoss Enterprise Application Platform 5.2.0 as\nprovided from the Red Hat Customer Portal are advised to apply this update. \nThe JBoss server process must be restarted for this update to take effect. \n\n3. Solution:\n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). Before applying this update, back up your\nexisting Red Hat JBoss Enterprise Application Platform installation and\ndeployed applications (including all applications and configuration files). \n\n4. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2014-0224.html\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/site/articles/904433\nhttps://access.redhat.com/site/solutions/906533\nhttps://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=5.2.0\n\n6. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2014 Red Hat, Inc",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0224"
},
{
"db": "CERT/CC",
"id": "VU#978508"
},
{
"db": "BID",
"id": "67901"
},
{
"db": "VULMON",
"id": "CVE-2014-0224"
},
{
"db": "PACKETSTORM",
"id": "127386"
},
{
"db": "PACKETSTORM",
"id": "128156"
},
{
"db": "PACKETSTORM",
"id": "127607"
},
{
"db": "PACKETSTORM",
"id": "127362"
},
{
"db": "PACKETSTORM",
"id": "127937"
},
{
"db": "PACKETSTORM",
"id": "127923"
},
{
"db": "PACKETSTORM",
"id": "127469"
},
{
"db": "PACKETSTORM",
"id": "126934"
}
],
"trust": 2.7
},
"exploit_availability": {
"_id": null,
"data": [
{
"reference": "https://www.kb.cert.org/vuls/id/978508",
"trust": 0.8,
"type": "poc"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#978508"
}
]
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2014-0224",
"trust": 2.2
},
{
"db": "CERT/CC",
"id": "VU#978508",
"trust": 1.8
},
{
"db": "MCAFEE",
"id": "SB10075",
"trust": 1.3
},
{
"db": "SECUNIA",
"id": "59827",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59190",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "60577",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59004",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59389",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59364",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59374",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59589",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "60567",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59506",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59435",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "58977",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59192",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59444",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59449",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59223",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59502",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59325",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59383",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59529",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59784",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59990",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "58615",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "58639",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "61815",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59530",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59214",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59305",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59167",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59447",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "58939",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59429",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59661",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59721",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "58742",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "58713",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59354",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59490",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59894",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59495",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59063",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59347",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59445",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59659",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59483",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59287",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59380",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59916",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59188",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "60571",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59440",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "58714",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "58945",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59525",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "58492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59264",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59175",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59370",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59163",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "58719",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59043",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "58433",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59101",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "60176",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59162",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "60819",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "58930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59142",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59093",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59310",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59375",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "58716",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59885",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59451",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59282",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59448",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59040",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59365",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "60049",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "60066",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "58660",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "58759",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "58745",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59677",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "58385",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59300",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59126",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59055",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59446",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59669",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59438",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59441",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59301",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59362",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59655",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59132",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59135",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59211",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59342",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59442",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "58579",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59437",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59231",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59459",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "61254",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59191",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59338",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59202",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59491",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59215",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59450",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59666",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59120",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59602",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "58743",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59518",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59454",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "58667",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "58337",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59368",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59824",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "58128",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59306",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59528",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59878",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "60522",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59284",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59514",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59413",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59189",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59186",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59012",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1031032",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1031594",
"trust": 1.0
},
{
"db": "SIEMENS",
"id": "SSA-234763",
"trust": 1.0
},
{
"db": "JUNIPER",
"id": "JSA10629",
"trust": 1.0
},
{
"db": "DLINK",
"id": "SAP10045",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-17-094-04",
"trust": 0.3
},
{
"db": "BID",
"id": "67901",
"trust": 0.3
},
{
"db": "VULMON",
"id": "CVE-2014-0224",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127386",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128156",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127607",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127362",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127937",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127923",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127469",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126934",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#978508"
},
{
"db": "VULMON",
"id": "CVE-2014-0224"
},
{
"db": "BID",
"id": "67901"
},
{
"db": "PACKETSTORM",
"id": "127386"
},
{
"db": "PACKETSTORM",
"id": "128156"
},
{
"db": "PACKETSTORM",
"id": "127607"
},
{
"db": "PACKETSTORM",
"id": "127362"
},
{
"db": "PACKETSTORM",
"id": "127937"
},
{
"db": "PACKETSTORM",
"id": "127923"
},
{
"db": "PACKETSTORM",
"id": "127469"
},
{
"db": "PACKETSTORM",
"id": "126934"
},
{
"db": "NVD",
"id": "CVE-2014-0224"
}
]
},
"id": "VAR-201406-0445",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.41142965368421053
},
"last_update_date": "2026-04-10T23:23:58.165000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Amazon Linux AMI: ALAS-2014-351",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2014-351"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBPI03107 rev.3 - Certain HP LaserJet Printers, MFPs and Certain HP OfficeJet Enterprise Printers using OpenSSL, Remote Unauthorized Access",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=d0eef6c81e529a1b8e4ea4b72eaef4d0"
},
{
"title": "Amazon Linux AMI: ALAS-2014-350",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2014-350"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=b92b65104373bc8476811ff1b99cd369"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBPI03107 rev.3 - Certain HP LaserJet Printers, MFPs and Certain HP OfficeJet Enterprise Printers using OpenSSL, Remote Unauthorized Access",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=a7d1e620ea07a6fd4d3ec24012763337"
},
{
"title": "Red Hat: CVE-2014-0224",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2014-0224"
},
{
"title": "Ubuntu Security Notice: openssl regression",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2232-3"
},
{
"title": "HP: HPSBPI03107 rev.3 - Certain HP LaserJet Printers, MFPs and Certain HP OfficeJet Enterprise Printers using OpenSSL, Remote Unauthorized Access",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=HPSBPI03107"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2232-4"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2232-1"
},
{
"title": "Ubuntu Security Notice: openssl regression",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2232-2"
},
{
"title": "Debian Security Advisories: DSA-2950-1 openssl -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=909292f2afe623fbec51f7ab6b32f790"
},
{
"title": "Debian CVElist Bug Report Logs: openssl: CVE-2014-0224, CVE-2014-0221, CVE-2014-0195, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=07d14df4883f21063a053cea8d2239c6"
},
{
"title": "Tenable Security Advisories: [R8] Tenable Products Affected by OpenSSL \u0027CCS Injection\u0027 Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=TNS-2014-03"
},
{
"title": "Amazon Linux AMI: ALAS-2014-349",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2014-349"
},
{
"title": "Debian CVElist Bug Report Logs: virtualbox: CVE-2014-6588 CVE-2014-6589 CVE-2014-6590 CVE-2014-6595 CVE-2015-0418 CVE-2015-0427",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=eee4d8c3e2b11de5b15ee65d96af6c60"
},
{
"title": "Symantec Security Advisories: SA80 : OpenSSL Security Advisory 05-Jun-2014",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=dd4667746d163d08265dfdd4c98e4201"
},
{
"title": "Citrix Security Bulletins: Citrix Security Advisory for OpenSSL Vulnerabilities (June 2014)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=afbd3a710e98424e558b1b21482abad6"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Live-Hack-CVE/CVE-2014-0224 "
},
{
"title": "crochet-technologies",
"trust": 0.1,
"url": "https://github.com/crochet-technology/crochet-technologies "
},
{
"title": "openssl-ccs-cve-2014-0224",
"trust": 0.1,
"url": "https://github.com/ssllabs/openssl-ccs-cve-2014-0224 "
},
{
"title": "android-development-best-practices",
"trust": 0.1,
"url": "https://github.com/niharika2810/android-development-best-practices "
},
{
"title": "ssl-grader",
"trust": 0.1,
"url": "https://github.com/SSLyze410-SSLGrader-wCipherSuite-info/ssl-grader "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/dtarnawsky/capacitor-plugin-security-provider "
},
{
"title": "qualysparser",
"trust": 0.1,
"url": "https://github.com/pr4jwal/qualysparser "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Wanderwille/13.01 "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0224"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-326",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0224"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 3.0,
"url": "http://www.openssl.org/news/secadv_20140605.txt"
},
{
"trust": 2.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675821"
},
{
"trust": 1.8,
"url": "http://www.vmware.com/security/advisories/vmsa-2014-0006.html"
},
{
"trust": 1.3,
"url": "http://support.citrix.com/article/ctx140876"
},
{
"trust": 1.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678167"
},
{
"trust": 1.3,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc"
},
{
"trust": 1.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676071"
},
{
"trust": 1.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095757"
},
{
"trust": 1.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095756"
},
{
"trust": 1.3,
"url": "https://kb.bluecoat.com/index?page=content\u0026id=sa80"
},
{
"trust": 1.3,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10075"
},
{
"trust": 1.3,
"url": "http://www.fortiguard.com/advisory/fg-ir-14-018/"
},
{
"trust": 1.3,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20140605-openssl"
},
{
"trust": 1.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095755"
},
{
"trust": 1.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095754"
},
{
"trust": 1.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683332"
},
{
"trust": 1.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677695"
},
{
"trust": 1.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676879"
},
{
"trust": 1.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676035"
},
{
"trust": 1.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677828"
},
{
"trust": 1.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673137"
},
{
"trust": 1.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676419"
},
{
"trust": 1.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676062"
},
{
"trust": 1.1,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0625.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0630.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59120"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
},
{
"trust": 1.0,
"url": "http://seclists.org/fulldisclosure/2014/dec/23"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59437"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676786"
},
{
"trust": 1.0,
"url": "http://www.ibm.com/support/docview.wss?uid=swg24037783"
},
{
"trust": 1.0,
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026id=6060\u0026myns=phmc\u0026mync=e"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140431828824371\u0026w=2"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677390"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59445"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59721"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58939"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676501"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59440"
},
{
"trust": 1.0,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-august/136470.html"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59506"
},
{
"trust": 1.0,
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3ba=commit%3bh=bc8923b1ec9c467755cd86f7848c50ee8812e441"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140389355508263\u0026w=2"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2014-0012.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/support/kb/doc.php?id=7015300"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676536"
},
{
"trust": 1.0,
"url": "http://www.websense.com/support/article/kbarticle/vulnerabilities-resolved-in-triton-apx-version-8-0"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59441"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59338"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2014:106"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59043"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140266410314613\u0026w=2"
},
{
"trust": 1.0,
"url": "http://www.kb.cert.org/vuls/id/978508"
},
{
"trust": 1.0,
"url": "https://blogs.oracle.com/sunsecurity/entry/cve_2014_0224_cryptographic_issues1"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59004"
},
{
"trust": 1.0,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=kb29217"
},
{
"trust": 1.0,
"url": "http://www.splunk.com/view/sp-caaam2d"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/61815"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142350350616251\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59362"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59514"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59666"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59429"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59528"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58492"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677131"
},
{
"trust": 1.0,
"url": "https://www.ibm.com/support/docview.wss?uid=ssg1s1004671"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59827"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843"
},
{
"trust": 1.0,
"url": "https://www.ibm.com/support/docview.wss?uid=ssg1s1004670"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58977"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58639"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59282"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676833"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59495"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/60571"
},
{
"trust": 1.0,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095737"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1031032"
},
{
"trust": 1.0,
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/941-security-advisory-0005"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58128"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58716"
},
{
"trust": 1.0,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10629"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59190"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59142"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59438"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58433"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59389"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59364"
},
{
"trust": 1.0,
"url": "http://support.apple.com/kb/ht6443"
},
{
"trust": 1.0,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21676877"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037731"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004690"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677567"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/60577"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140904544427729\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140870499402361\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58719"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/60819"
},
{
"trust": 1.0,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0633.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/61254"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59447"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59659"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"trust": 1.0,
"url": "http://puppetlabs.com/security/cve/cve-2014-0224"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678289"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676655"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/60567"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140448122410568\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59483"
},
{
"trust": 1.0,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=kb29195"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140386311427810\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59040"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59306"
},
{
"trust": 1.0,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-august/136473.html"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676496"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58714"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59661"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58742"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59163"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59368"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676333"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59214"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140499864129699\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59101"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140794476212181\u0026w=2"
},
{
"trust": 1.0,
"url": "http://dev.mysql.com/doc/relnotes/workbench/en/wb-news-6-1-7.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59451"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59305"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59602"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59450"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140983229106599\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59189"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59192"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59012"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59063"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59916"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140604261522465\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59300"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140369637402535\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140389274407904\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140491231331543\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140752315422991\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141025641601169\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59264"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59435"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59448"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676478"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59310"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141164638606214\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59490"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140544599631400\u0026w=2"
},
{
"trust": 1.0,
"url": "https://filezilla-project.org/versions.php?type=server"
},
{
"trust": 1.0,
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1s1004678"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59202"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59231"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59380"
},
{
"trust": 1.0,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf"
},
{
"trust": 1.0,
"url": "http://www.kerio.com/support/kerio-control/release-history"
},
{
"trust": 1.0,
"url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15325.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59186"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59446"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676529"
},
{
"trust": 1.0,
"url": "https://www.novell.com/support/kb/doc.php?id=7015271"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140784085708882\u0026w=2"
},
{
"trust": 1.0,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05301946"
},
{
"trust": 1.0,
"url": "http://www.ibm.com/support/docview.wss?uid=isg3t1020948"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59677"
},
{
"trust": 1.0,
"url": "http://www.blackberry.com/btsc/kb36051"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59215"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59460"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59784"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"trust": 1.0,
"url": "https://www.intersectalliance.com/wp-content/uploads/release_notes/releasenotes_for_snare_for_mssql.pdf"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58385"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58945"
},
{
"trust": 1.0,
"url": "https://www.imperialviolet.org/2014/06/05/earlyccs.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59325"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59284"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141147110427269\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59454"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58337"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59589"
},
{
"trust": 1.0,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0632.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59669"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677836"
},
{
"trust": 1.0,
"url": "http://www.f-secure.com/en/web/labs_global/fsc-2014-6"
},
{
"trust": 1.0,
"url": "http://seclists.org/fulldisclosure/2014/jun/38"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020163"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59374"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676644"
},
{
"trust": 1.0,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1iv61506"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59449"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037761"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2014:105"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"trust": 1.0,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0627.html"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037729"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59055"
},
{
"trust": 1.0,
"url": "https://blogs.oracle.com/sunsecurity/entry/cve_2014_0224_cryptographic_issues"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1031594"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677080"
},
{
"trust": 1.0,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0680.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00030.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59126"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59223"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59301"
},
{
"trust": 1.0,
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026id=6061\u0026myns=phmc\u0026mync=e"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:062"
},
{
"trust": 1.0,
"url": "https://access.redhat.com/site/blogs/766093/posts/908133"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59287"
},
{
"trust": 1.0,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095740"
},
{
"trust": 1.0,
"url": "http://ccsinjection.lepidum.co.jp"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59135"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141658880509699\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59167"
},
{
"trust": 1.0,
"url": "http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_release_notes.pdf"
},
{
"trust": 1.0,
"url": "http://www.tenable.com/blog/nessus-527-and-pvs-403-are-available-for-download"
},
{
"trust": 1.0,
"url": "https://discussions.nessus.org/thread/7517"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140317760000786\u0026w=2"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675626"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59175"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59502"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678233"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58713"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677527"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59211"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141383410222440\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59824"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037727"
},
{
"trust": 1.0,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1103586"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676889"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59375"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140621259019789\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59444"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/60176"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140482916501310\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59365"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676615"
},
{
"trust": 1.0,
"url": "https://www.intersectalliance.com/wp-content/uploads/release_notes/releasenotes_for_snare_for_windows.pdf"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58667"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59990"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59354"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59442"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59188"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/60049"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59655"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59347"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58660"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59525"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59191"
},
{
"trust": 1.0,
"url": "http://www.ibm.com/support/docview.wss?uid=swg1it02314"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59093"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58759"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59518"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/60522"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59413"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59370"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59459"
},
{
"trust": 1.0,
"url": "http://security.gentoo.org/glsa/glsa-201407-05.xml"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037730"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59132"
},
{
"trust": 1.0,
"url": "http://esupport.trendmicro.com/solution/en-us/1103813.aspx"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676334"
},
{
"trust": 1.0,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21676793"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59885"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59894"
},
{
"trust": 1.0,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0624.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59491"
},
{
"trust": 1.0,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21676356"
},
{
"trust": 1.0,
"url": "http://www.novell.com/support/kb/doc.php?id=7015264"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59878"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037732"
},
{
"trust": 1.0,
"url": "http://linux.oracle.com/errata/elsa-2014-1053.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59342"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140672208601650\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58745"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59162"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59530"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59383"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140852757108392\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58615"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59529"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140852826008699\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/60066"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676845"
},
{
"trust": 1.0,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0626.html"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037870"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58579"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58743"
},
{
"trust": 1.0,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0631.html"
},
{
"trust": 0.8,
"url": "http://ccsinjection.lepidum.co.jp/"
},
{
"trust": 0.8,
"url": "http://ccsinjection.lepidum.co.jp/blog/2014-06-05/ccs-injection-en/index.html"
},
{
"trust": 0.8,
"url": "https://plus.google.com/app/basic/stream/z12xhp3hbzbhhjgfm22ncvtbeua1dpaa004"
},
{
"trust": 0.8,
"url": "http://support.attachmate.com/techdocs/2700.html"
},
{
"trust": 0.8,
"url": "https://www.debian.org/security/2014/dsa-2950"
},
{
"trust": 0.8,
"url": "https://admin.fedoraproject.org/updates/openssl-1.0.1e-38.fc19"
},
{
"trust": 0.8,
"url": "http://www.freebsd.org/security/advisories/freebsd-sa-14:14.openssl.asc"
},
{
"trust": 0.8,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04401858"
},
{
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/av14-002.html"
},
{
"trust": 0.8,
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/3566"
},
{
"trust": 0.8,
"url": "http://linux.oracle.com/errata/elsa-2014-0625.html"
},
{
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00003.html"
},
{
"trust": 0.8,
"url": "http://www.ubuntu.com/usn/usn-2232-1/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0224"
},
{
"trust": 0.6,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.6,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.6,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0221"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3470"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0195"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0076"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0198"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-5298"
},
{
"trust": 0.3,
"url": "https://blogs.oracle.com/sunsecurity/entry/cve_2014_0221_resource_management"
},
{
"trust": 0.3,
"url": "http://securityadvisories.dlink.com/security/publication.aspx?name=sap10045"
},
{
"trust": 0.3,
"url": "http://www.cerberusftp.com/products/releasenotes.html"
},
{
"trust": 0.3,
"url": "http://googlechromereleases.blogspot.com/2014/06/chrome-for-android-update.html"
},
{
"trust": 0.3,
"url": "http://blogs.citrix.com/2014/06/06/citrix-security-advisory-for-openssl-vulnerabilities-june-2014/"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2014/aug/att-93/esa-2014-079.txt"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678123"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678073"
},
{
"trust": 0.3,
"url": "http://www.openssl.org"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100181245"
},
{
"trust": 0.3,
"url": "http://www8.hp.com/us/en/software-solutions/operations-analytics-operations-analysis/"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21686583"
},
{
"trust": 0.3,
"url": "https://community.rapid7.com/community/metasploit/blog/2014/06/05/security-advisory-openssl-vulnerabilities-cve-2014-0224-cve-2014-0221-in-metasploit"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685551"
},
{
"trust": 0.3,
"url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15343.html"
},
{
"trust": 0.3,
"url": "http://www.marshut.com/ixwnpv/stunnel-5-02-released.html"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100181099"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-094-04"
},
{
"trust": 0.3,
"url": "http://btsc.webapps.blackberry.com/btsc/viewdocument.do;jsessionid=98ec479ee69ccb916d2ea4b09943faf5?nocount=true\u0026externalid=kb36051\u0026sliceid=1\u0026cmd=\u0026forward=nonthreadedkc\u0026command=show\u0026kcid=kb36051\u0026viewe"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04355095"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04343424"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04345210"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349175"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349789"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349897"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04363613"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04368523"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04378799"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04379485"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04337774"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05301946"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04336637"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678356"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095940"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678413"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21676889"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676673"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678660"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676041"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676128"
},
{
"trust": 0.3,
"url": "https://www.xerox.com/download/security/security-bulletin/33a01-5228bdf5d027e/cert_security_mini-_bulletin_xrx15ao_for_cq8570-cq8870_v1-0.pdf"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100182784"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=nas8n1020200"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676356"
},
{
"trust": 0.3,
"url": "http://forums.alienvault.com/discussion/3054/security-advisory-alienvault-v4-10-0-addresses-several-vulnerabilities"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-345106.htm"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676793"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1021009"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676840"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=nas8n1020163"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678104"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676226"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682023"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682026"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682025"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682024"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678289"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=ssg1s1004695"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1020976"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1020952"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1007987"
},
{
"trust": 0.3,
"url": "http://www.ubuntu.com/usn/usn-2232-4/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/site/articles/904433"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_n"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-0076"
},
{
"trust": 0.1,
"url": "http://www.hp.com/jp/icewall_patchaccess"
},
{
"trust": 0.1,
"url": "http://h20566.www2.hp.com/portal/site/hpsc/template.page/public/psi/swddetail"
},
{
"trust": 0.1,
"url": "http://h18013.www1.hp.com/products/servers/management/fpdownload.html"
},
{
"trust": 0.1,
"url": "http://h17007.www1.hp.com/us/en/enterprise/servers/solutions/info-library/ind"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-511c3e0b2f6f4f6bbc796fc619"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-bd9a1cf60e344c549c4888db93"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-3395d737d98f42149125b9bb05"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-3a7aa5e233904ebe847a5e1555"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-d775367b0a28449ca05660778b"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-e8076c2a35804685ad65b2b1ba"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00376"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00444"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00388"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00429"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00405"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00377"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00410"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00422"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00430"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00382"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00432"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00416"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00389"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00380"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00417"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00396"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00378"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00391"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00390"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00437"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00393"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00398"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00442"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00404"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00406"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00423"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00431"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00428"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00400"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00402"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00392"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00385"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00394"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00435"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00443"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00409"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00411"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00440"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00426"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00427"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00384"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00434"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00414"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00408"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00415"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00395"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00413"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00433"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00441"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00399"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00438"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00383"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00403"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00419"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00424"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00439"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00401"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00387"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00381"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00436"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00420"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00421"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00412"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00386"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00397"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00425"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00379"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00407"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/amgr_00418"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4618"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2520"
},
{
"trust": 0.1,
"url": "https://support.emc.com/downloads/2732_documentum-server"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2521"
},
{
"trust": 0.1,
"url": "http://www.software.hp.com"
},
{
"trust": 0.1,
"url": "https://h20392.www2.hp.com/portal/swdepot/displayproductinfo.do?productnumber"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/site/solutions/906533"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0224.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=appplatform\u0026downloadtype=securitypatches\u0026version=5.2.0"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#important"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#978508"
},
{
"db": "BID",
"id": "67901"
},
{
"db": "PACKETSTORM",
"id": "127386"
},
{
"db": "PACKETSTORM",
"id": "128156"
},
{
"db": "PACKETSTORM",
"id": "127607"
},
{
"db": "PACKETSTORM",
"id": "127362"
},
{
"db": "PACKETSTORM",
"id": "127937"
},
{
"db": "PACKETSTORM",
"id": "127923"
},
{
"db": "PACKETSTORM",
"id": "127469"
},
{
"db": "PACKETSTORM",
"id": "126934"
},
{
"db": "NVD",
"id": "CVE-2014-0224"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CERT/CC",
"id": "VU#978508",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2014-0224",
"ident": null
},
{
"db": "BID",
"id": "67901",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "127386",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "128156",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "127607",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "127362",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "127937",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "127923",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "127469",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "126934",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2014-0224",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2014-06-05T00:00:00",
"db": "CERT/CC",
"id": "VU#978508",
"ident": null
},
{
"date": "2014-06-05T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0224",
"ident": null
},
{
"date": "2014-06-05T00:00:00",
"db": "BID",
"id": "67901",
"ident": null
},
{
"date": "2014-07-09T04:03:23",
"db": "PACKETSTORM",
"id": "127386",
"ident": null
},
{
"date": "2014-09-04T18:39:03",
"db": "PACKETSTORM",
"id": "128156",
"ident": null
},
{
"date": "2014-07-24T23:47:46",
"db": "PACKETSTORM",
"id": "127607",
"ident": null
},
{
"date": "2014-07-06T18:53:39",
"db": "PACKETSTORM",
"id": "127362",
"ident": null
},
{
"date": "2014-08-20T15:18:56",
"db": "PACKETSTORM",
"id": "127937",
"ident": null
},
{
"date": "2014-08-19T16:52:04",
"db": "PACKETSTORM",
"id": "127923",
"ident": null
},
{
"date": "2014-07-15T23:58:24",
"db": "PACKETSTORM",
"id": "127469",
"ident": null
},
{
"date": "2014-06-05T19:57:17",
"db": "PACKETSTORM",
"id": "126934",
"ident": null
},
{
"date": "2014-06-05T21:55:07.817000",
"db": "NVD",
"id": "CVE-2014-0224",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2015-10-27T00:00:00",
"db": "CERT/CC",
"id": "VU#978508",
"ident": null
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0224",
"ident": null
},
{
"date": "2017-05-23T16:25:00",
"db": "BID",
"id": "67901",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2014-0224",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "network",
"sources": [
{
"db": "BID",
"id": "67901"
}
],
"trust": 0.3
},
"title": {
"_id": null,
"data": "OpenSSL is vulnerable to a man-in-the-middle attack",
"sources": [
{
"db": "CERT/CC",
"id": "VU#978508"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "67901"
}
],
"trust": 0.3
}
}
VAR-201304-0062
Vulnerability from variot - Updated: 2026-04-10 23:21Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 do not ensure the correctness of the address bar during history navigation, which allows remote attackers to conduct cross-site scripting (XSS) attacks or phishing attacks by leveraging control over navigation timing. Mozilla Firefox, SeaMonkey, and Thunderbird are prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. Note: This issue was previously discussed in BID 58818 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2013-30 through -40 Multiple Vulnerabilities), but has been moved to its own record to better document it. The issue is fixed in: Firefox 20.0 Firefox ESR 17.0.5 Thunderbird 17.0.5 Thunderbird ESR 17.0.5 SeaMonkey 2.17. ============================================================================ Ubuntu Security Notice USN-1786-2 April 04, 2013
unity-firefox-extension update
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.10
Summary:
This update provides a compatible version of Unity Firefox Extension for Firefox 20.
Software Description: - unity-firefox-extension: Unity Integration for Firefox
Details:
USN-1786-1 fixed vulnerabilities in Firefox. (CVE-2013-0788, CVE-2013-0789)
Ambroz Bizjak discovered an out-of-bounds array read in the CERT_DecodeCertPackage function of the Network Security Services (NSS) libary when decoding certain certificates. An attacker could potentially exploit this to cause a denial of service via application crash. (CVE-2013-0791)
Tobias Schula discovered an information leak in Firefox when the gfx.color_management.enablev4 preference is enabled. If the user were tricked into opening a specially crafted image, an attacker could potentially exploit this to steal confidential data. By default, the gfx.color_management.enablev4 preference is not enabled in Ubuntu. (CVE-2013-0792)
Mariusz Mlynski discovered that timed history navigations could be used to load arbitrary websites with the wrong URL displayed in the addressbar. (CVE-2013-0793)
It was discovered that the origin indication on tab-modal dialog boxes could be removed, which could allow an attacker's dialog to be displayed over another sites content. An attacker could exploit this to conduct phishing attacks. (CVE-2013-0794)
Cody Crews discovered that the cloneNode method could be used to bypass System Only Wrappers (SOW) to clone a protected node and bypass same-origin policy checks. (CVE-2013-0795)
A crash in WebGL rendering was discovered in Firefox. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201309-23
http://security.gentoo.org/
Severity: High Title: Mozilla Products: Multiple vulnerabilities Date: September 27, 2013 Bugs: #450940, #458390, #460818, #464226, #469868, #474758, #479968, #485258 ID: 201309-23
Synopsis
Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, and SeaMonkey, some of which may allow a remote user to execute arbitrary code. The SeaMonkey project is a community effort to deliver production-quality releases of code derived from the application formerly known as the 'Mozilla Application Suite'. Please review the CVE identifiers referenced below for details. Further, a remote attacker could conduct XSS attacks, spoof URLs, bypass address space layout randomization, conduct clickjacking attacks, obtain potentially sensitive information, bypass access restrictions, modify the local filesystem, or conduct other unspecified attacks.
Workaround
There is no known workaround at this time.
Resolution
All Mozilla Firefox users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-client/firefox-17.0.9"
All users of the Mozilla Firefox binary package should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-client/firefox-bin-17.0.9"
All Mozilla Thunderbird users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=mail-client/thunderbird-17.0.9"=
All users of the Mozilla Thunderbird binary package should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=mail-client/thunderbird-bin-17.0.9"
All SeaMonkey users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-client/seamonkey-2.21"
All users of the Mozilla SeaMonkey binary package should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-client/seamonkey-bin-2.21"
References
[ 1 ] CVE-2013-0744 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0744 [ 2 ] CVE-2013-0745 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0745 [ 3 ] CVE-2013-0746 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0746 [ 4 ] CVE-2013-0747 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0747 [ 5 ] CVE-2013-0748 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0748 [ 6 ] CVE-2013-0749 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0749 [ 7 ] CVE-2013-0750 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0750 [ 8 ] CVE-2013-0751 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0751 [ 9 ] CVE-2013-0752 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0752 [ 10 ] CVE-2013-0753 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0753 [ 11 ] CVE-2013-0754 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0754 [ 12 ] CVE-2013-0755 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0755 [ 13 ] CVE-2013-0756 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0756 [ 14 ] CVE-2013-0757 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0757 [ 15 ] CVE-2013-0758 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0758 [ 16 ] CVE-2013-0759 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0759 [ 17 ] CVE-2013-0760 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0760 [ 18 ] CVE-2013-0761 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0761 [ 19 ] CVE-2013-0762 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0762 [ 20 ] CVE-2013-0763 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0763 [ 21 ] CVE-2013-0764 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0764 [ 22 ] CVE-2013-0765 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0765 [ 23 ] CVE-2013-0766 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0766 [ 24 ] CVE-2013-0767 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0767 [ 25 ] CVE-2013-0768 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0768 [ 26 ] CVE-2013-0769 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0769 [ 27 ] CVE-2013-0770 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0770 [ 28 ] CVE-2013-0771 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0771 [ 29 ] CVE-2013-0772 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0772 [ 30 ] CVE-2013-0773 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0773 [ 31 ] CVE-2013-0774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0774 [ 32 ] CVE-2013-0775 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0775 [ 33 ] CVE-2013-0776 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0776 [ 34 ] CVE-2013-0777 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0777 [ 35 ] CVE-2013-0778 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0778 [ 36 ] CVE-2013-0779 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0779 [ 37 ] CVE-2013-0780 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0780 [ 38 ] CVE-2013-0781 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0781 [ 39 ] CVE-2013-0782 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0782 [ 40 ] CVE-2013-0783 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0783 [ 41 ] CVE-2013-0784 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0784 [ 42 ] CVE-2013-0787 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0787 [ 43 ] CVE-2013-0788 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0788 [ 44 ] CVE-2013-0789 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0789 [ 45 ] CVE-2013-0791 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0791 [ 46 ] CVE-2013-0792 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0792 [ 47 ] CVE-2013-0793 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0793 [ 48 ] CVE-2013-0794 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0794 [ 49 ] CVE-2013-0795 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0795 [ 50 ] CVE-2013-0796 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0796 [ 51 ] CVE-2013-0797 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0797 [ 52 ] CVE-2013-0799 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0799 [ 53 ] CVE-2013-0800 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0800 [ 54 ] CVE-2013-0801 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0801 [ 55 ] CVE-2013-1670 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1670 [ 56 ] CVE-2013-1671 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1671 [ 57 ] CVE-2013-1674 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1674 [ 58 ] CVE-2013-1675 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1675 [ 59 ] CVE-2013-1676 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1676 [ 60 ] CVE-2013-1677 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1677 [ 61 ] CVE-2013-1678 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1678 [ 62 ] CVE-2013-1679 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1679 [ 63 ] CVE-2013-1680 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1680 [ 64 ] CVE-2013-1681 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1681 [ 65 ] CVE-2013-1682 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1682 [ 66 ] CVE-2013-1684 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1684 [ 67 ] CVE-2013-1687 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1687 [ 68 ] CVE-2013-1690 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1690 [ 69 ] CVE-2013-1692 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1692 [ 70 ] CVE-2013-1693 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1693 [ 71 ] CVE-2013-1694 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1694 [ 72 ] CVE-2013-1697 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1697 [ 73 ] CVE-2013-1701 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1701 [ 74 ] CVE-2013-1702 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1702 [ 75 ] CVE-2013-1704 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1704 [ 76 ] CVE-2013-1705 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1705 [ 77 ] CVE-2013-1707 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1707 [ 78 ] CVE-2013-1708 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1708 [ 79 ] CVE-2013-1709 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1709 [ 80 ] CVE-2013-1710 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1710 [ 81 ] CVE-2013-1711 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1711 [ 82 ] CVE-2013-1712 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1712 [ 83 ] CVE-2013-1713 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1713 [ 84 ] CVE-2013-1714 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1714 [ 85 ] CVE-2013-1717 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1717 [ 86 ] CVE-2013-1718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1718 [ 87 ] CVE-2013-1719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1719 [ 88 ] CVE-2013-1720 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1720 [ 89 ] CVE-2013-1722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1722 [ 90 ] CVE-2013-1723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1723 [ 91 ] CVE-2013-1724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1724 [ 92 ] CVE-2013-1725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1725 [ 93 ] CVE-2013-1726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1726 [ 94 ] CVE-2013-1728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1728 [ 95 ] CVE-2013-1730 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1730 [ 96 ] CVE-2013-1732 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1732 [ 97 ] CVE-2013-1735 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1735 [ 98 ] CVE-2013-1736 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1736 [ 99 ] CVE-2013-1737 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1737 [ 100 ] CVE-2013-1738 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1738
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201309-23.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: firefox security update Advisory ID: RHSA-2013:0696-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0696.html Issue date: 2013-04-02 CVE Names: CVE-2013-0788 CVE-2013-0793 CVE-2013-0795 CVE-2013-0796 CVE-2013-0800 =====================================================================
- Summary:
Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6.
The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
- Description:
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox.
Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2013-0788)
A flaw was found in the way Same Origin Wrappers were implemented in Firefox. (CVE-2013-0795)
A flaw was found in the embedded WebGL library in Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. Note: This issue only affected systems using the Intel Mesa graphics drivers. (CVE-2013-0796)
An out-of-bounds write flaw was found in the embedded Cairo library in Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2013-0800)
A flaw was found in the way Firefox handled the JavaScript history functions. A malicious site could cause a web page to be displayed that has a baseURI pointing to a different site, allowing cross-site scripting (XSS) and phishing attacks. (CVE-2013-0793)
Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Olli Pettay, Jesse Ruderman, Boris Zbarsky, Christian Holler, Milan Sreckovic, Joe Drew, Cody Crews, miaubiz, Abhishek Arya, and Mariusz Mlynski as the original reporters of these issues.
For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 17.0.5 ESR. You can find a link to the Mozilla advisories in the References section of this erratum.
All Firefox users should upgrade to these updated packages, which contain Firefox version 17.0.5 ESR, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258
- Bugs fixed (http://bugzilla.redhat.com/):
946927 - CVE-2013-0788 Mozilla: Miscellaneous memory safety hazards (rv:17.0.5) (MFSA 2013-30) 946929 - CVE-2013-0800 Mozilla: Out-of-bounds write in Cairo library (MFSA 2013-31) 946931 - CVE-2013-0796 Mozilla: WebGL crash with Mesa graphics driver on Linux (MFSA 2013-35) 946932 - CVE-2013-0795 Mozilla: Bypass of SOW protections allows cloning of protected nodes (MFSA 2013-36) 946935 - CVE-2013-0793 Mozilla: Cross-site scripting (XSS) using timed history navigations (MFSA 2013-38)
- Package List:
Red Hat Enterprise Linux Desktop (v. 5 client):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/firefox-17.0.5-1.el5_9.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/firefox-17.0.5-1.el5_9.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/xulrunner-17.0.5-1.el5_9.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/xulrunner-17.0.5-1.el5_9.src.rpm
i386: firefox-17.0.5-1.el5_9.i386.rpm firefox-17.0.5-1.el5_9.i386.rpm firefox-debuginfo-17.0.5-1.el5_9.i386.rpm firefox-debuginfo-17.0.5-1.el5_9.i386.rpm xulrunner-17.0.5-1.el5_9.i386.rpm xulrunner-17.0.5-1.el5_9.i386.rpm xulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm xulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm
x86_64: firefox-17.0.5-1.el5_9.i386.rpm firefox-17.0.5-1.el5_9.i386.rpm firefox-17.0.5-1.el5_9.x86_64.rpm firefox-17.0.5-1.el5_9.x86_64.rpm firefox-debuginfo-17.0.5-1.el5_9.i386.rpm firefox-debuginfo-17.0.5-1.el5_9.i386.rpm firefox-debuginfo-17.0.5-1.el5_9.x86_64.rpm firefox-debuginfo-17.0.5-1.el5_9.x86_64.rpm xulrunner-17.0.5-1.el5_9.i386.rpm xulrunner-17.0.5-1.el5_9.i386.rpm xulrunner-17.0.5-1.el5_9.x86_64.rpm xulrunner-17.0.5-1.el5_9.x86_64.rpm xulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm xulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm xulrunner-debuginfo-17.0.5-1.el5_9.x86_64.rpm xulrunner-debuginfo-17.0.5-1.el5_9.x86_64.rpm
RHEL Desktop Workstation (v. 5 client):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/xulrunner-17.0.5-1.el5_9.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/xulrunner-17.0.5-1.el5_9.src.rpm
i386: xulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm xulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm xulrunner-devel-17.0.5-1.el5_9.i386.rpm xulrunner-devel-17.0.5-1.el5_9.i386.rpm
x86_64: xulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm xulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm xulrunner-debuginfo-17.0.5-1.el5_9.x86_64.rpm xulrunner-debuginfo-17.0.5-1.el5_9.x86_64.rpm xulrunner-devel-17.0.5-1.el5_9.i386.rpm xulrunner-devel-17.0.5-1.el5_9.i386.rpm xulrunner-devel-17.0.5-1.el5_9.x86_64.rpm xulrunner-devel-17.0.5-1.el5_9.x86_64.rpm
Red Hat Enterprise Linux (v. 5 server):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/firefox-17.0.5-1.el5_9.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/firefox-17.0.5-1.el5_9.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/xulrunner-17.0.5-1.el5_9.src.rpm
i386: firefox-17.0.5-1.el5_9.i386.rpm firefox-17.0.5-1.el5_9.i386.rpm firefox-debuginfo-17.0.5-1.el5_9.i386.rpm firefox-debuginfo-17.0.5-1.el5_9.i386.rpm xulrunner-17.0.5-1.el5_9.i386.rpm xulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm xulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm xulrunner-devel-17.0.5-1.el5_9.i386.rpm xulrunner-devel-17.0.5-1.el5_9.i386.rpm
ia64: firefox-17.0.5-1.el5_9.ia64.rpm firefox-17.0.5-1.el5_9.ia64.rpm firefox-debuginfo-17.0.5-1.el5_9.ia64.rpm firefox-debuginfo-17.0.5-1.el5_9.ia64.rpm xulrunner-17.0.5-1.el5_9.ia64.rpm xulrunner-debuginfo-17.0.5-1.el5_9.ia64.rpm xulrunner-debuginfo-17.0.5-1.el5_9.ia64.rpm xulrunner-devel-17.0.5-1.el5_9.ia64.rpm xulrunner-devel-17.0.5-1.el5_9.ia64.rpm
ppc: firefox-17.0.5-1.el5_9.ppc.rpm firefox-17.0.5-1.el5_9.ppc.rpm firefox-debuginfo-17.0.5-1.el5_9.ppc.rpm firefox-debuginfo-17.0.5-1.el5_9.ppc.rpm xulrunner-17.0.5-1.el5_9.ppc.rpm xulrunner-17.0.5-1.el5_9.ppc64.rpm xulrunner-debuginfo-17.0.5-1.el5_9.ppc.rpm xulrunner-debuginfo-17.0.5-1.el5_9.ppc.rpm xulrunner-debuginfo-17.0.5-1.el5_9.ppc64.rpm xulrunner-debuginfo-17.0.5-1.el5_9.ppc64.rpm xulrunner-devel-17.0.5-1.el5_9.ppc.rpm xulrunner-devel-17.0.5-1.el5_9.ppc64.rpm
s390x: firefox-17.0.5-1.el5_9.s390.rpm firefox-17.0.5-1.el5_9.s390.rpm firefox-17.0.5-1.el5_9.s390x.rpm firefox-17.0.5-1.el5_9.s390x.rpm firefox-debuginfo-17.0.5-1.el5_9.s390.rpm firefox-debuginfo-17.0.5-1.el5_9.s390.rpm firefox-debuginfo-17.0.5-1.el5_9.s390x.rpm firefox-debuginfo-17.0.5-1.el5_9.s390x.rpm xulrunner-17.0.5-1.el5_9.s390.rpm xulrunner-17.0.5-1.el5_9.s390x.rpm xulrunner-debuginfo-17.0.5-1.el5_9.s390.rpm xulrunner-debuginfo-17.0.5-1.el5_9.s390.rpm xulrunner-debuginfo-17.0.5-1.el5_9.s390x.rpm xulrunner-debuginfo-17.0.5-1.el5_9.s390x.rpm xulrunner-devel-17.0.5-1.el5_9.s390.rpm xulrunner-devel-17.0.5-1.el5_9.s390x.rpm
x86_64: firefox-17.0.5-1.el5_9.i386.rpm firefox-17.0.5-1.el5_9.i386.rpm firefox-17.0.5-1.el5_9.x86_64.rpm firefox-17.0.5-1.el5_9.x86_64.rpm firefox-debuginfo-17.0.5-1.el5_9.i386.rpm firefox-debuginfo-17.0.5-1.el5_9.i386.rpm firefox-debuginfo-17.0.5-1.el5_9.x86_64.rpm firefox-debuginfo-17.0.5-1.el5_9.x86_64.rpm xulrunner-17.0.5-1.el5_9.i386.rpm xulrunner-17.0.5-1.el5_9.x86_64.rpm xulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm xulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm xulrunner-debuginfo-17.0.5-1.el5_9.x86_64.rpm xulrunner-debuginfo-17.0.5-1.el5_9.x86_64.rpm xulrunner-devel-17.0.5-1.el5_9.i386.rpm xulrunner-devel-17.0.5-1.el5_9.i386.rpm xulrunner-devel-17.0.5-1.el5_9.x86_64.rpm
Red Hat Enterprise Linux Desktop (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/firefox-17.0.5-1.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/firefox-17.0.5-1.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm
i386: firefox-17.0.5-1.el6_4.i686.rpm firefox-17.0.5-1.el6_4.i686.rpm firefox-debuginfo-17.0.5-1.el6_4.i686.rpm firefox-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-17.0.5-1.el6_4.i686.rpm xulrunner-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm
x86_64: firefox-17.0.5-1.el6_4.i686.rpm firefox-17.0.5-1.el6_4.i686.rpm firefox-17.0.5-1.el6_4.x86_64.rpm firefox-17.0.5-1.el6_4.x86_64.rpm firefox-debuginfo-17.0.5-1.el6_4.i686.rpm firefox-debuginfo-17.0.5-1.el6_4.i686.rpm firefox-debuginfo-17.0.5-1.el6_4.x86_64.rpm firefox-debuginfo-17.0.5-1.el6_4.x86_64.rpm xulrunner-17.0.5-1.el6_4.i686.rpm xulrunner-17.0.5-1.el6_4.i686.rpm xulrunner-17.0.5-1.el6_4.x86_64.rpm xulrunner-17.0.5-1.el6_4.x86_64.rpm xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm xulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm
i386: xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-devel-17.0.5-1.el6_4.i686.rpm xulrunner-devel-17.0.5-1.el6_4.i686.rpm
x86_64: xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm xulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm xulrunner-devel-17.0.5-1.el6_4.i686.rpm xulrunner-devel-17.0.5-1.el6_4.i686.rpm xulrunner-devel-17.0.5-1.el6_4.x86_64.rpm xulrunner-devel-17.0.5-1.el6_4.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/firefox-17.0.5-1.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/firefox-17.0.5-1.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm
x86_64: firefox-17.0.5-1.el6_4.i686.rpm firefox-17.0.5-1.el6_4.i686.rpm firefox-17.0.5-1.el6_4.x86_64.rpm firefox-17.0.5-1.el6_4.x86_64.rpm firefox-debuginfo-17.0.5-1.el6_4.i686.rpm firefox-debuginfo-17.0.5-1.el6_4.i686.rpm firefox-debuginfo-17.0.5-1.el6_4.x86_64.rpm firefox-debuginfo-17.0.5-1.el6_4.x86_64.rpm xulrunner-17.0.5-1.el6_4.i686.rpm xulrunner-17.0.5-1.el6_4.i686.rpm xulrunner-17.0.5-1.el6_4.x86_64.rpm xulrunner-17.0.5-1.el6_4.x86_64.rpm xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm xulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm xulrunner-devel-17.0.5-1.el6_4.i686.rpm xulrunner-devel-17.0.5-1.el6_4.i686.rpm xulrunner-devel-17.0.5-1.el6_4.x86_64.rpm xulrunner-devel-17.0.5-1.el6_4.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/firefox-17.0.5-1.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/firefox-17.0.5-1.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm
i386: firefox-17.0.5-1.el6_4.i686.rpm firefox-17.0.5-1.el6_4.i686.rpm firefox-debuginfo-17.0.5-1.el6_4.i686.rpm firefox-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-17.0.5-1.el6_4.i686.rpm xulrunner-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm
ppc64: firefox-17.0.5-1.el6_4.ppc.rpm firefox-17.0.5-1.el6_4.ppc.rpm firefox-17.0.5-1.el6_4.ppc64.rpm firefox-17.0.5-1.el6_4.ppc64.rpm firefox-debuginfo-17.0.5-1.el6_4.ppc.rpm firefox-debuginfo-17.0.5-1.el6_4.ppc.rpm firefox-debuginfo-17.0.5-1.el6_4.ppc64.rpm firefox-debuginfo-17.0.5-1.el6_4.ppc64.rpm xulrunner-17.0.5-1.el6_4.ppc.rpm xulrunner-17.0.5-1.el6_4.ppc.rpm xulrunner-17.0.5-1.el6_4.ppc64.rpm xulrunner-17.0.5-1.el6_4.ppc64.rpm xulrunner-debuginfo-17.0.5-1.el6_4.ppc.rpm xulrunner-debuginfo-17.0.5-1.el6_4.ppc.rpm xulrunner-debuginfo-17.0.5-1.el6_4.ppc64.rpm xulrunner-debuginfo-17.0.5-1.el6_4.ppc64.rpm
s390x: firefox-17.0.5-1.el6_4.s390.rpm firefox-17.0.5-1.el6_4.s390.rpm firefox-17.0.5-1.el6_4.s390x.rpm firefox-17.0.5-1.el6_4.s390x.rpm firefox-debuginfo-17.0.5-1.el6_4.s390.rpm firefox-debuginfo-17.0.5-1.el6_4.s390.rpm firefox-debuginfo-17.0.5-1.el6_4.s390x.rpm firefox-debuginfo-17.0.5-1.el6_4.s390x.rpm xulrunner-17.0.5-1.el6_4.s390.rpm xulrunner-17.0.5-1.el6_4.s390.rpm xulrunner-17.0.5-1.el6_4.s390x.rpm xulrunner-17.0.5-1.el6_4.s390x.rpm xulrunner-debuginfo-17.0.5-1.el6_4.s390.rpm xulrunner-debuginfo-17.0.5-1.el6_4.s390.rpm xulrunner-debuginfo-17.0.5-1.el6_4.s390x.rpm xulrunner-debuginfo-17.0.5-1.el6_4.s390x.rpm
x86_64: firefox-17.0.5-1.el6_4.i686.rpm firefox-17.0.5-1.el6_4.i686.rpm firefox-17.0.5-1.el6_4.x86_64.rpm firefox-17.0.5-1.el6_4.x86_64.rpm firefox-debuginfo-17.0.5-1.el6_4.i686.rpm firefox-debuginfo-17.0.5-1.el6_4.i686.rpm firefox-debuginfo-17.0.5-1.el6_4.x86_64.rpm firefox-debuginfo-17.0.5-1.el6_4.x86_64.rpm xulrunner-17.0.5-1.el6_4.i686.rpm xulrunner-17.0.5-1.el6_4.i686.rpm xulrunner-17.0.5-1.el6_4.x86_64.rpm xulrunner-17.0.5-1.el6_4.x86_64.rpm xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm xulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm
i386: xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-devel-17.0.5-1.el6_4.i686.rpm xulrunner-devel-17.0.5-1.el6_4.i686.rpm
ppc64: xulrunner-debuginfo-17.0.5-1.el6_4.ppc.rpm xulrunner-debuginfo-17.0.5-1.el6_4.ppc.rpm xulrunner-debuginfo-17.0.5-1.el6_4.ppc64.rpm xulrunner-debuginfo-17.0.5-1.el6_4.ppc64.rpm xulrunner-devel-17.0.5-1.el6_4.ppc.rpm xulrunner-devel-17.0.5-1.el6_4.ppc.rpm xulrunner-devel-17.0.5-1.el6_4.ppc64.rpm xulrunner-devel-17.0.5-1.el6_4.ppc64.rpm
s390x: xulrunner-debuginfo-17.0.5-1.el6_4.s390.rpm xulrunner-debuginfo-17.0.5-1.el6_4.s390.rpm xulrunner-debuginfo-17.0.5-1.el6_4.s390x.rpm xulrunner-debuginfo-17.0.5-1.el6_4.s390x.rpm xulrunner-devel-17.0.5-1.el6_4.s390.rpm xulrunner-devel-17.0.5-1.el6_4.s390.rpm xulrunner-devel-17.0.5-1.el6_4.s390x.rpm xulrunner-devel-17.0.5-1.el6_4.s390x.rpm
x86_64: xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm xulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm xulrunner-devel-17.0.5-1.el6_4.i686.rpm xulrunner-devel-17.0.5-1.el6_4.i686.rpm xulrunner-devel-17.0.5-1.el6_4.x86_64.rpm xulrunner-devel-17.0.5-1.el6_4.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/firefox-17.0.5-1.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/firefox-17.0.5-1.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm
i386: firefox-17.0.5-1.el6_4.i686.rpm firefox-17.0.5-1.el6_4.i686.rpm firefox-debuginfo-17.0.5-1.el6_4.i686.rpm firefox-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-17.0.5-1.el6_4.i686.rpm xulrunner-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm
x86_64: firefox-17.0.5-1.el6_4.i686.rpm firefox-17.0.5-1.el6_4.i686.rpm firefox-17.0.5-1.el6_4.x86_64.rpm firefox-17.0.5-1.el6_4.x86_64.rpm firefox-debuginfo-17.0.5-1.el6_4.i686.rpm firefox-debuginfo-17.0.5-1.el6_4.i686.rpm firefox-debuginfo-17.0.5-1.el6_4.x86_64.rpm firefox-debuginfo-17.0.5-1.el6_4.x86_64.rpm xulrunner-17.0.5-1.el6_4.i686.rpm xulrunner-17.0.5-1.el6_4.i686.rpm xulrunner-17.0.5-1.el6_4.x86_64.rpm xulrunner-17.0.5-1.el6_4.x86_64.rpm xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm xulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm
i386: xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-devel-17.0.5-1.el6_4.i686.rpm xulrunner-devel-17.0.5-1.el6_4.i686.rpm
x86_64: xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm xulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm xulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm xulrunner-devel-17.0.5-1.el6_4.i686.rpm xulrunner-devel-17.0.5-1.el6_4.i686.rpm xulrunner-devel-17.0.5-1.el6_4.x86_64.rpm xulrunner-devel-17.0.5-1.el6_4.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2013-0788.html https://www.redhat.com/security/data/cve/CVE-2013-0793.html https://www.redhat.com/security/data/cve/CVE-2013-0795.html https://www.redhat.com/security/data/cve/CVE-2013-0796.html https://www.redhat.com/security/data/cve/CVE-2013-0800.html https://access.redhat.com/security/updates/classification/#critical http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFRWzt5XlSAg2UNWIIRAobXAJ9/uirvEeOiGpegRbi/Fdtv9BRXUACeMYpK taMjOQZpo7Ea1JPyhBWhy7M= =2sCd -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
Note: All issues except CVE-2013-0800 cannot be exploited by a specially-crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. A crafted PNG image could use this flaw to leak data through rendered images drawing from random memory.
Security researcher Mariusz Mlynski reported a method to use browser navigations through history to load an arbitrary website with that page's baseURI property pointing to another site instead of the seemingly loaded one. The user will continue to see the incorrect site in the addressbar of the browser. This allows violation of the browser's same origin policy and could also lead to privilege escalation and the execution of arbitrary code (CVE-2013-0795).
Security researcher miaubiz used the Address Sanitizer tool to discover a crash in WebGL rendering when memory is freed that has not previously been allocated. The resulting crash could be potentially exploitable (CVE-2013-0796). When certain values are passed to it during rendering, Cairo attempts to use negative boundaries or sizes for boxes, leading to a potentially exploitable crash in some instances (CVE-2013-0800).
Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code (CVE-2013-0788).
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0792 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0793 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0795 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0796 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0800 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0788 http://www.mozilla.org/security/announce/2013/mfsa2013-39.html http://www.mozilla.org/security/announce/2013/mfsa2013-38.html http://www.mozilla.org/security/announce/2013/mfsa2013-36.html http://www.mozilla.org/security/announce/2013/mfsa2013-35.html http://www.mozilla.org/security/announce/2013/mfsa2013-31.html http://www.mozilla.org/security/announce/2013/mfsa2013-30.html
Updated Packages:
Mandriva Enterprise Server 5: 0db2c1631a956f6147230a099f1d2d68 mes5/i586/firefox-17.0.5-0.1mdvmes5.2.i586.rpm b6accdf420ac5eb3dbea29d283fff049 mes5/i586/firefox-af-17.0.5-0.1mdvmes5.2.i586.rpm a434d7ee9d360c2b555873e8c93aac2a mes5/i586/firefox-ar-17.0.5-0.1mdvmes5.2.i586.rpm 3b64b73c7cb465fee179b140656a065d mes5/i586/firefox-be-17.0.5-0.1mdvmes5.2.i586.rpm 967b03abad307a338d0709df85e1ec1e mes5/i586/firefox-bg-17.0.5-0.1mdvmes5.2.i586.rpm 715fef97490152afcea942e32d9f8fae mes5/i586/firefox-bn-17.0.5-0.1mdvmes5.2.i586.rpm 46bac62630e189f9d6f7f2d90a5e1c4e mes5/i586/firefox-ca-17.0.5-0.1mdvmes5.2.i586.rpm 64143512420338cc54a073be91ccbf9d mes5/i586/firefox-cs-17.0.5-0.1mdvmes5.2.i586.rpm ba627030e474fb62caf34b2280e2432f mes5/i586/firefox-cy-17.0.5-0.1mdvmes5.2.i586.rpm d2ba69795c243c8aad3e56f1ba3190b4 mes5/i586/firefox-da-17.0.5-0.1mdvmes5.2.i586.rpm 81473710741c44e227e930f512a890d7 mes5/i586/firefox-de-17.0.5-0.1mdvmes5.2.i586.rpm 7d787c3a0eabf7b514083f267037cbdd mes5/i586/firefox-devel-17.0.5-0.1mdvmes5.2.i586.rpm f279d611e9a8233cec0090439e0bbc30 mes5/i586/firefox-el-17.0.5-0.1mdvmes5.2.i586.rpm 5ad88edccb4a8cb75d58464ed2201e2a mes5/i586/firefox-en_GB-17.0.5-0.1mdvmes5.2.i586.rpm 7c2bdafe6cf1219d33df634b40ca7f33 mes5/i586/firefox-eo-17.0.5-0.1mdvmes5.2.i586.rpm 6e8e3cc43e1b5326d886780d5409ff57 mes5/i586/firefox-es_AR-17.0.5-0.1mdvmes5.2.i586.rpm 8608ba9849ea4f56ac60475ccfc3acd7 mes5/i586/firefox-es_ES-17.0.5-0.1mdvmes5.2.i586.rpm b6de17fad95679a08dfc420f51d5e0fa mes5/i586/firefox-et-17.0.5-0.1mdvmes5.2.i586.rpm 7d5281fe391c7bcbc4f49369e00ce6f0 mes5/i586/firefox-eu-17.0.5-0.1mdvmes5.2.i586.rpm dfacd04856fb4529fb0ebdabbad374f9 mes5/i586/firefox-fi-17.0.5-0.1mdvmes5.2.i586.rpm b98f1800a67f8fec9dcbca77edd41ac4 mes5/i586/firefox-fr-17.0.5-0.1mdvmes5.2.i586.rpm eed03047da1e7642f207cb8821dbd95f mes5/i586/firefox-fy-17.0.5-0.1mdvmes5.2.i586.rpm 3f110cc8c73665a709b97bf554b835cc mes5/i586/firefox-ga_IE-17.0.5-0.1mdvmes5.2.i586.rpm 0ad55037b7527a452626a84dade35f56 mes5/i586/firefox-gl-17.0.5-0.1mdvmes5.2.i586.rpm e0272d903a0f8b1c938dded3626ac89a mes5/i586/firefox-gu_IN-17.0.5-0.1mdvmes5.2.i586.rpm 6bdc9c6edcc036122d131b6bf5a341ec mes5/i586/firefox-he-17.0.5-0.1mdvmes5.2.i586.rpm 8fd0ad163782a228e9176f1618dbae2f mes5/i586/firefox-hi-17.0.5-0.1mdvmes5.2.i586.rpm cef589c92b95defd03297a43a4a65e65 mes5/i586/firefox-hu-17.0.5-0.1mdvmes5.2.i586.rpm 6a4e24d1c59f774cab7ea341dedde5e5 mes5/i586/firefox-id-17.0.5-0.1mdvmes5.2.i586.rpm 617d63908bfa91b171a5e40acdfbb058 mes5/i586/firefox-is-17.0.5-0.1mdvmes5.2.i586.rpm 89d72f5231e362ffbcb74c5ebd9d2789 mes5/i586/firefox-it-17.0.5-0.1mdvmes5.2.i586.rpm 46e283185529cf7e3b55208e928d3e21 mes5/i586/firefox-ja-17.0.5-0.1mdvmes5.2.i586.rpm 9cb48d986cb94e843740461ccdc7e344 mes5/i586/firefox-kn-17.0.5-0.1mdvmes5.2.i586.rpm b4a30b6ae86cf07f9e15a5921ccf367c mes5/i586/firefox-ko-17.0.5-0.1mdvmes5.2.i586.rpm 447af559ce4a0a7cd0ff00ad81466966 mes5/i586/firefox-ku-17.0.5-0.1mdvmes5.2.i586.rpm f16fa703cc4611f42ef618a2709467ce mes5/i586/firefox-lt-17.0.5-0.1mdvmes5.2.i586.rpm f2f05879c892085be5d0fa4e9c787ae7 mes5/i586/firefox-lv-17.0.5-0.1mdvmes5.2.i586.rpm f166cef7eeae485e939a9964df355ffe mes5/i586/firefox-mk-17.0.5-0.1mdvmes5.2.i586.rpm a2d9533d98cd613ff49ace2dd3c4aaaf mes5/i586/firefox-mr-17.0.5-0.1mdvmes5.2.i586.rpm 04e604773ab19ad5060c53d906c7d222 mes5/i586/firefox-nb_NO-17.0.5-0.1mdvmes5.2.i586.rpm ea691e1ecd5cfac906a077614841100f mes5/i586/firefox-nl-17.0.5-0.1mdvmes5.2.i586.rpm 0b7dac86ef507b78504a6f507d2b82b6 mes5/i586/firefox-nn_NO-17.0.5-0.1mdvmes5.2.i586.rpm b5a1616579bd3804eb500a75aa9b040e mes5/i586/firefox-pa_IN-17.0.5-0.1mdvmes5.2.i586.rpm abca5b749f468af02e0d94e2c8b00ac1 mes5/i586/firefox-pl-17.0.5-0.1mdvmes5.2.i586.rpm 2585fe186ebb3b81ae4e3b4c4ed73442 mes5/i586/firefox-pt_BR-17.0.5-0.1mdvmes5.2.i586.rpm 416bbd1fc256861429b3fd78f7d83ef1 mes5/i586/firefox-pt_PT-17.0.5-0.1mdvmes5.2.i586.rpm 3d66426c2548c0ba2746c4c36a9db708 mes5/i586/firefox-ro-17.0.5-0.1mdvmes5.2.i586.rpm ae4fc0951b14c00d6656540e7d38e22e mes5/i586/firefox-ru-17.0.5-0.1mdvmes5.2.i586.rpm d323216cc380f286ff0c990062cdbd43 mes5/i586/firefox-si-17.0.5-0.1mdvmes5.2.i586.rpm a0edc229b50354a66d6c6152fc082395 mes5/i586/firefox-sk-17.0.5-0.1mdvmes5.2.i586.rpm 7d5edda5ddd9064dec3b85ecc7102f19 mes5/i586/firefox-sl-17.0.5-0.1mdvmes5.2.i586.rpm 277d4c09d495b4b8bb0c7e715761f267 mes5/i586/firefox-sq-17.0.5-0.1mdvmes5.2.i586.rpm 3d601400d0df895c73a5ebb064f4f016 mes5/i586/firefox-sr-17.0.5-0.1mdvmes5.2.i586.rpm f5f9e7bbe47f6fba7042f2bf5a61d28e mes5/i586/firefox-sv_SE-17.0.5-0.1mdvmes5.2.i586.rpm ec8dc022734c08dab5183405efa6d0c1 mes5/i586/firefox-te-17.0.5-0.1mdvmes5.2.i586.rpm 242b490062337f7f4f4b8169fb8c91d5 mes5/i586/firefox-th-17.0.5-0.1mdvmes5.2.i586.rpm 3f2fe42cd27e1c751513a561df7fb5a7 mes5/i586/firefox-tr-17.0.5-0.1mdvmes5.2.i586.rpm e5a6d7e6b9981687ca062526a14c7056 mes5/i586/firefox-uk-17.0.5-0.1mdvmes5.2.i586.rpm 8ad451f2a167af24160826bb6d054593 mes5/i586/firefox-zh_CN-17.0.5-0.1mdvmes5.2.i586.rpm 3d1c7ee791874a416ed2bf5847fa6ad7 mes5/i586/firefox-zh_TW-17.0.5-0.1mdvmes5.2.i586.rpm 0c338be36acdbe8c79655cfeac88627a mes5/i586/icedtea-web-1.3.1-0.3mdvmes5.2.i586.rpm 807123e3063f730d05282bf43f3dda6a mes5/i586/icedtea-web-javadoc-1.3.1-0.3mdvmes5.2.i586.rpm 7380860d463c5b198f74b592e51031f1 mes5/i586/libnspr4-4.9.6-0.1mdvmes5.2.i586.rpm 58137e16b3eb8e9655ceef99f4ec1fc7 mes5/i586/libnspr-devel-4.9.6-0.1mdvmes5.2.i586.rpm 6cb4ca4131bce6f48ff8d347ded8236d mes5/i586/libxulrunner17.0.5-17.0.5-0.1mdvmes5.2.i586.rpm 5c7ea7a5a52630606b7e71d61ac5c738 mes5/i586/libxulrunner-devel-17.0.5-0.1mdvmes5.2.i586.rpm 41f2f6022487aabc48b573620111b6b8 mes5/i586/xulrunner-17.0.5-0.1mdvmes5.2.i586.rpm 2a3a774ee0094a48cf108ed120ba227a mes5/SRPMS/firefox-17.0.5-0.1mdvmes5.2.src.rpm 58a810253d11b6af76cf1bcce6a3e7b4 mes5/SRPMS/firefox-l10n-17.0.5-0.1mdvmes5.2.src.rpm 5add3a80120b73f5ed97c9dd02837c58 mes5/SRPMS/icedtea-web-1.3.1-0.3mdvmes5.2.src.rpm 6d70b7e57cc741f0b587a1effee81fb4 mes5/SRPMS/nspr-4.9.6-0.1mdvmes5.2.src.rpm d7f835773038004ff8995ef676f8397e mes5/SRPMS/xulrunner-17.0.5-0.1mdvmes5.2.src.rpm
Mandriva Enterprise Server 5/X86_64: 352b4b9c3ec49226611acfff2586132d mes5/x86_64/firefox-17.0.5-0.1mdvmes5.2.x86_64.rpm 29388b8d4da203e932710f8b98630932 mes5/x86_64/firefox-af-17.0.5-0.1mdvmes5.2.x86_64.rpm 35c9f59f4ce87eb7c64b89e60220ebb3 mes5/x86_64/firefox-ar-17.0.5-0.1mdvmes5.2.x86_64.rpm 204c1013d7e6d3925a73ff3c62ce6c14 mes5/x86_64/firefox-be-17.0.5-0.1mdvmes5.2.x86_64.rpm 43fdfdbedaf5a13fe6396775731a1835 mes5/x86_64/firefox-bg-17.0.5-0.1mdvmes5.2.x86_64.rpm d800fa786bef5538692c6b8fffb2f1b3 mes5/x86_64/firefox-bn-17.0.5-0.1mdvmes5.2.x86_64.rpm 74cb34c33f9d0f070338dd49332bbdd1 mes5/x86_64/firefox-ca-17.0.5-0.1mdvmes5.2.x86_64.rpm fca54be2cf51319542bca20cedf9dff6 mes5/x86_64/firefox-cs-17.0.5-0.1mdvmes5.2.x86_64.rpm 10b6de867fa24ab60c419fd9b314723c mes5/x86_64/firefox-cy-17.0.5-0.1mdvmes5.2.x86_64.rpm eb67b095d7490b5bc24c85bc8652fed9 mes5/x86_64/firefox-da-17.0.5-0.1mdvmes5.2.x86_64.rpm 7761e055af6b87172b2a05f9dc671d99 mes5/x86_64/firefox-de-17.0.5-0.1mdvmes5.2.x86_64.rpm b4ede22d5b768e082d47d2702fb71221 mes5/x86_64/firefox-devel-17.0.5-0.1mdvmes5.2.x86_64.rpm a359d0468b6217c59eb88771f2e799b2 mes5/x86_64/firefox-el-17.0.5-0.1mdvmes5.2.x86_64.rpm 4e58ae7627f5d6d0ba4d7c215c252611 mes5/x86_64/firefox-en_GB-17.0.5-0.1mdvmes5.2.x86_64.rpm 777062d66c8b57c59dc72c60bcade5aa mes5/x86_64/firefox-eo-17.0.5-0.1mdvmes5.2.x86_64.rpm c2b069c9c0105d85c5946f542204a7c7 mes5/x86_64/firefox-es_AR-17.0.5-0.1mdvmes5.2.x86_64.rpm 2a39a098a5b39dee19347f18c033f8c5 mes5/x86_64/firefox-es_ES-17.0.5-0.1mdvmes5.2.x86_64.rpm 412516e1b5a4b4b8b3a7eaf8d2b7806e mes5/x86_64/firefox-et-17.0.5-0.1mdvmes5.2.x86_64.rpm 5225e8ac59ee14a9fe5653e8afaa96b4 mes5/x86_64/firefox-eu-17.0.5-0.1mdvmes5.2.x86_64.rpm e91755da5dc3a6481ef5fd87b66dc2b3 mes5/x86_64/firefox-fi-17.0.5-0.1mdvmes5.2.x86_64.rpm 6c3c9ffddeb301345539516a2128870b mes5/x86_64/firefox-fr-17.0.5-0.1mdvmes5.2.x86_64.rpm f90bff71593d02e29a6801fb30196522 mes5/x86_64/firefox-fy-17.0.5-0.1mdvmes5.2.x86_64.rpm e36128274f24c1e3a905c6834dbd3431 mes5/x86_64/firefox-ga_IE-17.0.5-0.1mdvmes5.2.x86_64.rpm c1d8d7d3060a4a63ecf56e516d704322 mes5/x86_64/firefox-gl-17.0.5-0.1mdvmes5.2.x86_64.rpm fce3e57a97a18461e6784f27c9b5f982 mes5/x86_64/firefox-gu_IN-17.0.5-0.1mdvmes5.2.x86_64.rpm d567bdbe94970ce762fbbec34566271e mes5/x86_64/firefox-he-17.0.5-0.1mdvmes5.2.x86_64.rpm 68a74e20c4ee64127e275d443052a0aa mes5/x86_64/firefox-hi-17.0.5-0.1mdvmes5.2.x86_64.rpm 65eeb5076b7e049d2212f88e8e3a5d2b mes5/x86_64/firefox-hu-17.0.5-0.1mdvmes5.2.x86_64.rpm 7906c9372d2db0981a0f1fc5d068781f mes5/x86_64/firefox-id-17.0.5-0.1mdvmes5.2.x86_64.rpm 39174043fdecada0715aae758b111931 mes5/x86_64/firefox-is-17.0.5-0.1mdvmes5.2.x86_64.rpm 391b93959169588a74801efb2baeb048 mes5/x86_64/firefox-it-17.0.5-0.1mdvmes5.2.x86_64.rpm de1e0b1e3b0e2c1b91b3b9d8250b042d mes5/x86_64/firefox-ja-17.0.5-0.1mdvmes5.2.x86_64.rpm c465364f97f2c2cb891ff5866f7b2048 mes5/x86_64/firefox-kn-17.0.5-0.1mdvmes5.2.x86_64.rpm dd25c3ffde3ac083a3bd439855ab9e66 mes5/x86_64/firefox-ko-17.0.5-0.1mdvmes5.2.x86_64.rpm 0af917c3141a800843563b56e634e4b9 mes5/x86_64/firefox-ku-17.0.5-0.1mdvmes5.2.x86_64.rpm d17896516e04d7b2483c449c07018c1a mes5/x86_64/firefox-lt-17.0.5-0.1mdvmes5.2.x86_64.rpm e7925f0f39dd9cc0be8e390ff5b2511a mes5/x86_64/firefox-lv-17.0.5-0.1mdvmes5.2.x86_64.rpm aa7dada147bc0ee6e14de44582148245 mes5/x86_64/firefox-mk-17.0.5-0.1mdvmes5.2.x86_64.rpm 12eeadd008b58a4c51c396a3296c6876 mes5/x86_64/firefox-mr-17.0.5-0.1mdvmes5.2.x86_64.rpm 6043540a8e8edd39b06c8dbde4bbac6a mes5/x86_64/firefox-nb_NO-17.0.5-0.1mdvmes5.2.x86_64.rpm 0967142165225c2d0cde356bdf91af38 mes5/x86_64/firefox-nl-17.0.5-0.1mdvmes5.2.x86_64.rpm fe4d07e0a85ee4cf0a3ed65c4a24e561 mes5/x86_64/firefox-nn_NO-17.0.5-0.1mdvmes5.2.x86_64.rpm 18c355a3a4ecbed10dd933a2c0cee658 mes5/x86_64/firefox-pa_IN-17.0.5-0.1mdvmes5.2.x86_64.rpm fdb47ab94213fde94caca5c0e956ad0a mes5/x86_64/firefox-pl-17.0.5-0.1mdvmes5.2.x86_64.rpm 26659783f49eb63504f8240af15c46ef mes5/x86_64/firefox-pt_BR-17.0.5-0.1mdvmes5.2.x86_64.rpm 003887926df53eea9cd2c728ce2f2613 mes5/x86_64/firefox-pt_PT-17.0.5-0.1mdvmes5.2.x86_64.rpm f26a734cc64f5630d5763501789af036 mes5/x86_64/firefox-ro-17.0.5-0.1mdvmes5.2.x86_64.rpm 2055c8a4b5ab208de8bb7fc03df6f6ad mes5/x86_64/firefox-ru-17.0.5-0.1mdvmes5.2.x86_64.rpm eb5a279167efdded2ec946f1174885da mes5/x86_64/firefox-si-17.0.5-0.1mdvmes5.2.x86_64.rpm 0884722ce24c5dc947a1693b72ab87a8 mes5/x86_64/firefox-sk-17.0.5-0.1mdvmes5.2.x86_64.rpm 9ec578bd6111680976755026eee9736f mes5/x86_64/firefox-sl-17.0.5-0.1mdvmes5.2.x86_64.rpm d3ed346a9201d1c43ec0addd91404407 mes5/x86_64/firefox-sq-17.0.5-0.1mdvmes5.2.x86_64.rpm 7a3c688c303f03f13d370e078ef527d8 mes5/x86_64/firefox-sr-17.0.5-0.1mdvmes5.2.x86_64.rpm 679acfed547f9ed80a7515a4ac955990 mes5/x86_64/firefox-sv_SE-17.0.5-0.1mdvmes5.2.x86_64.rpm 94bf66782b9ffd747482d41526527b5f mes5/x86_64/firefox-te-17.0.5-0.1mdvmes5.2.x86_64.rpm 9b37e1edaa79527f9bb7159e39be108c mes5/x86_64/firefox-th-17.0.5-0.1mdvmes5.2.x86_64.rpm 2a6557c6d334dc4020f3cd2ba2235a0d mes5/x86_64/firefox-tr-17.0.5-0.1mdvmes5.2.x86_64.rpm c95479524cf439150d838ecd163e7040 mes5/x86_64/firefox-uk-17.0.5-0.1mdvmes5.2.x86_64.rpm aa31ef1321eff4e86d98acfac020fb25 mes5/x86_64/firefox-zh_CN-17.0.5-0.1mdvmes5.2.x86_64.rpm d539dfb331ec70a69828f7665686d9b0 mes5/x86_64/firefox-zh_TW-17.0.5-0.1mdvmes5.2.x86_64.rpm 2028cbbf55353a75366c9cb191efd67c mes5/x86_64/icedtea-web-1.3.1-0.3mdvmes5.2.x86_64.rpm 734ae27edc8c1026bca9947d70fd3fb7 mes5/x86_64/icedtea-web-javadoc-1.3.1-0.3mdvmes5.2.x86_64.rpm be78699f862f4a1d199248510e20ce1b mes5/x86_64/lib64nspr4-4.9.6-0.1mdvmes5.2.x86_64.rpm f62ab4de8ca959c4ff3990c92ea2427b mes5/x86_64/lib64nspr-devel-4.9.6-0.1mdvmes5.2.x86_64.rpm e94bbf818cfa59f67f7e5e75daf2726d mes5/x86_64/lib64xulrunner17.0.5-17.0.5-0.1mdvmes5.2.x86_64.rpm aecb7c59434a3330e7cb64bb6e7d902c mes5/x86_64/lib64xulrunner-devel-17.0.5-0.1mdvmes5.2.x86_64.rpm 531f21b03dbffa6024943663c1ba9e64 mes5/x86_64/xulrunner-17.0.5-0.1mdvmes5.2.x86_64.rpm 2a3a774ee0094a48cf108ed120ba227a mes5/SRPMS/firefox-17.0.5-0.1mdvmes5.2.src.rpm 58a810253d11b6af76cf1bcce6a3e7b4 mes5/SRPMS/firefox-l10n-17.0.5-0.1mdvmes5.2.src.rpm 5add3a80120b73f5ed97c9dd02837c58 mes5/SRPMS/icedtea-web-1.3.1-0.3mdvmes5.2.src.rpm 6d70b7e57cc741f0b587a1effee81fb4 mes5/SRPMS/nspr-4.9.6-0.1mdvmes5.2.src.rpm d7f835773038004ff8995ef676f8397e mes5/SRPMS/xulrunner-17.0.5-0.1mdvmes5.2.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/en/support/security/advisories/
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux)
iD8DBQFRZBk1mqjQ0CJFipgRAplSAJ44faYKLDitsBC24gBnRhdQycVEmgCgq1FV wMd/SGhxwMMZZ8YXJEH7z9g= =83zI -----END PGP SIGNATURE-----
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.9,
"vendor": "mozilla",
"version": "2.1"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.9,
"vendor": "mozilla",
"version": "2.11"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.9,
"vendor": "mozilla",
"version": "2.4"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.9,
"vendor": "mozilla",
"version": "2.2"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.9,
"vendor": "mozilla",
"version": "2.3"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.9,
"vendor": "mozilla",
"version": "2.12"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.9,
"vendor": "mozilla",
"version": "2.13.1"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.0.11"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.0.5"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.7.1"
},
{
"_id": null,
"model": "thunderbird esr",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "17.0.1"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "17.0.4"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.15"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.0.10"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "17.0.1"
},
{
"_id": null,
"model": "thunderbird esr",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "17.0.4"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.5"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.10"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.0.13"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.0.14"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.0.9"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.0.12"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.0"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.0.2"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.0.4"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.0.3"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "17.0.3"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.0.6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "19.0"
},
{
"_id": null,
"model": "thunderbird esr",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "17.0.3"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.14"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.0.7"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.9"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.13.2"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "17.0.2"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.6"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.0.1"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "17.0"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.7.2"
},
{
"_id": null,
"model": "thunderbird esr",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "17.0.2"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.0.8"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.13"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "17.0"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.16"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.8"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.16.1"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "2.7"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.6.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "17.0.3"
},
{
"_id": null,
"model": "thunderbird esr",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "17.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "19.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "lte",
"trust": 1.0,
"vendor": "mozilla",
"version": "19.0.2"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.4.1"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.3.2"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "17.0.1"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.3.1"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.16.2"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.3.3"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.17"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "17.0.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "17.0.4"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.15.2"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.15.1"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.9.1"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.12.1"
},
{
"_id": null,
"model": "seamonkey",
"scope": "lte",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.17"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "2.10.1"
},
{
"_id": null,
"model": "firefox",
"scope": "lt",
"trust": 0.8,
"vendor": "mozilla",
"version": "20.0"
},
{
"_id": null,
"model": "firefox esr",
"scope": "lt",
"trust": 0.8,
"vendor": "mozilla",
"version": "17.0.5"
},
{
"_id": null,
"model": "seamonkey",
"scope": "lt",
"trust": 0.8,
"vendor": "mozilla",
"version": "2.17"
},
{
"_id": null,
"model": "thunderbird",
"scope": "lt",
"trust": 0.8,
"vendor": "mozilla",
"version": "17.0.5"
},
{
"_id": null,
"model": "thunderbird esr",
"scope": "lt",
"trust": 0.8,
"vendor": "mozilla",
"version": "17.0.5"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "13.0"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.6"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.21-21"
},
{
"_id": null,
"model": "firefox esr",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.1"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.8"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.9"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"_id": null,
"model": "thunderbird esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.1.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.8"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.1.9"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "4.0.1"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.19"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.4"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.9"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.7"
},
{
"_id": null,
"model": "browser avant browser build",
"scope": "ne",
"trust": 0.3,
"vendor": "avant",
"version": "2013107"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.10"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.7"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.2"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.17"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "14.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "11.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.11"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.4"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.2"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.12"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.9"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.8"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.16"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.4"
},
{
"_id": null,
"model": "thunderbird esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.8"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "14.01"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.7"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.4.1"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.1.18"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.7"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.8"
},
{
"_id": null,
"model": "thunderbird esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.11"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "13.0"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.7.3"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "6.0.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.19"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.8"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.20"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.10"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "7.0.1"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.1.1"
},
{
"_id": null,
"model": "linux enterprise server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.9"
},
{
"_id": null,
"model": "thunderbird esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.5"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.3"
},
{
"_id": null,
"model": "linux enterprise server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.9"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.10"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.3"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.17"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.1"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.16"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.10.1"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.1.6"
},
{
"_id": null,
"model": "thunderbird esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.7"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.1.17"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.14"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "8.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.7"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.17"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.13"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "16.0.1"
},
{
"_id": null,
"model": "thunderbird esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.2"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.15"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.13"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.11"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.12"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.9"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.8"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.0.13"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "12.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.15"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.24"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.1"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "6.0.2"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "8.0.1"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1"
},
{
"_id": null,
"model": "thunderbird esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.10"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "7.0.1"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.1.7"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.19"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.1.19"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.1.10"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.8"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.2"
},
{
"_id": null,
"model": "browser avant browser build",
"scope": "eq",
"trust": 0.3,
"vendor": "avant",
"version": "201312"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.18"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.18"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.6"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.4"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.23"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.1.3"
},
{
"_id": null,
"model": "browser avant browser build",
"scope": "eq",
"trust": 0.3,
"vendor": "avant",
"version": "201321"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.11"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.8"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.9.1"
},
{
"_id": null,
"model": "thunderbird esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.3"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.19"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "8.0"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "16.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.10"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.1.0"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.6"
},
{
"_id": null,
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.17"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.26"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "9.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "12.0"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.27"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.11"
},
{
"_id": null,
"model": "seamonkey",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.17"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.1"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.024"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.2"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.4"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.13"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.5"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.7.2"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.11"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.9.2"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.5"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.2.2"
},
{
"_id": null,
"model": "thunderbird esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.12"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.6"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "15"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.8"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.9"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.9"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.14"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.7"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.3"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.9"
},
{
"_id": null,
"model": "firefox",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "20.0"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.5"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.8"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.11"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.8"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.15"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.19"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.15"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.4"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.18"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.7"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "12.2"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.6"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "thunderbird esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.4"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.16"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.6"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.10"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.20"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.5"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.25"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.11"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.1"
},
{
"_id": null,
"model": "linux enterprise server for vmware sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.13"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.6"
},
{
"_id": null,
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "15"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.5"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.5"
},
{
"_id": null,
"model": "linux enterprise server sp1 for vmware lt",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.22"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.9"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.5"
},
{
"_id": null,
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.3"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"_id": null,
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.18"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "19.0.2"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.1.15"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "12.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.6.1"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.8"
},
{
"_id": null,
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.6"
},
{
"_id": null,
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.2"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "6.0"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.4"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.17"
},
{
"_id": null,
"model": "enterprise linux hpc node optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.10"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.4"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.3"
},
{
"_id": null,
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.6"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1.1"
},
{
"_id": null,
"model": "productions pale moon",
"scope": "ne",
"trust": 0.3,
"vendor": "moonchild",
"version": "20.0.1"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.9"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.1"
},
{
"_id": null,
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.6"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.10"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.14"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "4.0"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.2.3"
},
{
"_id": null,
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.1"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "14"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "16.0.2"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.3"
},
{
"_id": null,
"model": "productions pale moon",
"scope": "eq",
"trust": 0.3,
"vendor": "moonchild",
"version": "19.0"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.1.13"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.5"
},
{
"_id": null,
"model": "enterprise linux workstation optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.6"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.9"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.15"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.7.1"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.23"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.2"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.1.5"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.1.12"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "6.0"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.1.11"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.4"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.12"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.6"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.7"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "7.0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "6"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.7"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.28"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "6.0.1"
},
{
"_id": null,
"model": "h3c s7500e series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "seamonkey beta",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.1"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.10"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.2"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.3"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "14"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.10"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "16.0.2"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "9.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.4"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.16"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.13"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.10"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.1"
},
{
"_id": null,
"model": "thunderbird",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.5"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.13"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.512"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.4"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.1.8"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.2"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.17"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.15"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"_id": null,
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.12"
},
{
"_id": null,
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.14"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "7.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "6"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.11"
},
{
"_id": null,
"model": "browser avant browser build",
"scope": "eq",
"trust": 0.3,
"vendor": "avant",
"version": "201317"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "12.3"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.22"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "5.0"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "6.0.1"
},
{
"_id": null,
"model": "thunderbird esr",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.5"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.10"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.12"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "18.0"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.10"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.1.4"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.14"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.12"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.18"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "9.0"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "5.0.1"
},
{
"_id": null,
"model": "linux enterprise server sp1 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "5"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.19"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.16"
},
{
"_id": null,
"model": "thunderbird esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.9"
},
{
"_id": null,
"model": "enterprise linux server optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.3"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "7"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "16"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.7"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.4"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.12"
},
{
"_id": null,
"model": "productions pale moon",
"scope": "eq",
"trust": 0.3,
"vendor": "moonchild",
"version": "19.0.2"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.9"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.10"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.10"
},
{
"_id": null,
"model": "linux enterprise sdk sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.6"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.7"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.4"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "5.0"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.21"
},
{
"_id": null,
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "15.0.1"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.18"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.8"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.8"
},
{
"_id": null,
"model": "enterprise linux optional productivity application server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.8"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.21-20"
},
{
"_id": null,
"model": "firefox beta",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.01"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.020"
},
{
"_id": null,
"model": "enterprise linux desktop optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.3"
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.14"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.1"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "16"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.4"
},
{
"_id": null,
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.3"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.9"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.8"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.10"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.8"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.13"
},
{
"_id": null,
"model": "productions pale moon",
"scope": "eq",
"trust": 0.3,
"vendor": "moonchild",
"version": "19.0.1"
},
{
"_id": null,
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "11.0"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "14.0"
},
{
"_id": null,
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.11"
},
{
"_id": null,
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "linux enterprise desktop sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.12"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.2"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.9.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.16"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.1.14"
},
{
"_id": null,
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.4"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.1.16"
},
{
"_id": null,
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.19"
},
{
"_id": null,
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.99"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.7"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.2"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.14"
},
{
"_id": null,
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.7"
}
],
"sources": [
{
"db": "BID",
"id": "58837"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-047"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002129"
},
{
"db": "NVD",
"id": "CVE-2013-0793"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:mozilla:firefox",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:mozilla:firefox_esr",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:mozilla:seamonkey",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:mozilla:thunderbird",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:mozilla:thunderbird_esr",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-002129"
}
]
},
"credits": {
"_id": null,
"data": "Mariusz Mlynski",
"sources": [
{
"db": "BID",
"id": "58837"
}
],
"trust": 0.3
},
"cve": "CVE-2013-0793",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2013-0793",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-0793",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2013-0793",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201304-047",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201304-047"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002129"
},
{
"db": "NVD",
"id": "CVE-2013-0793"
}
]
},
"description": {
"_id": null,
"data": "Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 do not ensure the correctness of the address bar during history navigation, which allows remote attackers to conduct cross-site scripting (XSS) attacks or phishing attacks by leveraging control over navigation timing. Mozilla Firefox, SeaMonkey, and Thunderbird are prone to a cross-site scripting vulnerability. \nAn attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. \nNote: This issue was previously discussed in BID 58818 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2013-30 through -40 Multiple Vulnerabilities), but has been moved to its own record to better document it. \nThe issue is fixed in:\nFirefox 20.0\nFirefox ESR 17.0.5\nThunderbird 17.0.5\nThunderbird ESR 17.0.5\nSeaMonkey 2.17. ============================================================================\nUbuntu Security Notice USN-1786-2\nApril 04, 2013\n\nunity-firefox-extension update\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.10\n\nSummary:\n\nThis update provides a compatible version of Unity Firefox Extension for\nFirefox 20. \n\nSoftware Description:\n- unity-firefox-extension: Unity Integration for Firefox\n\nDetails:\n\nUSN-1786-1 fixed vulnerabilities in Firefox. (CVE-2013-0788, CVE-2013-0789)\n \n Ambroz Bizjak discovered an out-of-bounds array read in the\n CERT_DecodeCertPackage function of the Network Security Services (NSS)\n libary when decoding certain certificates. An attacker could potentially\n exploit this to cause a denial of service via application crash. \n (CVE-2013-0791)\n \n Tobias Schula discovered an information leak in Firefox when the\n gfx.color_management.enablev4 preference is enabled. If the user were\n tricked into opening a specially crafted image, an attacker could\n potentially exploit this to steal confidential data. By default, the\n gfx.color_management.enablev4 preference is not enabled in Ubuntu. \n (CVE-2013-0792)\n \n Mariusz Mlynski discovered that timed history navigations could be used to\n load arbitrary websites with the wrong URL displayed in the addressbar. (CVE-2013-0793)\n \n It was discovered that the origin indication on tab-modal dialog boxes\n could be removed, which could allow an attacker\u0027s dialog to be displayed\n over another sites content. An attacker could exploit this to conduct\n phishing attacks. (CVE-2013-0794)\n \n Cody Crews discovered that the cloneNode method could be used to\n bypass System Only Wrappers (SOW) to clone a protected node and bypass\n same-origin policy checks. (CVE-2013-0795)\n \n A crash in WebGL rendering was discovered in Firefox. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201309-23\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Mozilla Products: Multiple vulnerabilities\n Date: September 27, 2013\n Bugs: #450940, #458390, #460818, #464226, #469868, #474758,\n #479968, #485258\n ID: 201309-23\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Mozilla Firefox,\nThunderbird, and SeaMonkey, some of which may allow a remote user to\nexecute arbitrary code. The\nSeaMonkey project is a community effort to deliver production-quality\nreleases of code derived from the application formerly known as the\n\u0027Mozilla Application Suite\u0027. Please review the CVE identifiers\nreferenced below for details. Further, a remote attacker could conduct\nXSS attacks, spoof URLs, bypass address space layout randomization,\nconduct clickjacking attacks, obtain potentially sensitive information,\nbypass access restrictions, modify the local filesystem, or conduct\nother unspecified attacks. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Mozilla Firefox users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=www-client/firefox-17.0.9\"\n\nAll users of the Mozilla Firefox binary package should upgrade to the\nlatest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=www-client/firefox-bin-17.0.9\"\n\nAll Mozilla Thunderbird users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=mail-client/thunderbird-17.0.9\"=\n\n\nAll users of the Mozilla Thunderbird binary package should upgrade to\nthe latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=mail-client/thunderbird-bin-17.0.9\"\n\nAll SeaMonkey users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=www-client/seamonkey-2.21\"\n\nAll users of the Mozilla SeaMonkey binary package should upgrade to the\nlatest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=www-client/seamonkey-bin-2.21\"\n\nReferences\n==========\n\n[ 1 ] CVE-2013-0744\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0744\n[ 2 ] CVE-2013-0745\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0745\n[ 3 ] CVE-2013-0746\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0746\n[ 4 ] CVE-2013-0747\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0747\n[ 5 ] CVE-2013-0748\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0748\n[ 6 ] CVE-2013-0749\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0749\n[ 7 ] CVE-2013-0750\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0750\n[ 8 ] CVE-2013-0751\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0751\n[ 9 ] CVE-2013-0752\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0752\n[ 10 ] CVE-2013-0753\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0753\n[ 11 ] CVE-2013-0754\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0754\n[ 12 ] CVE-2013-0755\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0755\n[ 13 ] CVE-2013-0756\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0756\n[ 14 ] CVE-2013-0757\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0757\n[ 15 ] CVE-2013-0758\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0758\n[ 16 ] CVE-2013-0759\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0759\n[ 17 ] CVE-2013-0760\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0760\n[ 18 ] CVE-2013-0761\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0761\n[ 19 ] CVE-2013-0762\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0762\n[ 20 ] CVE-2013-0763\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0763\n[ 21 ] CVE-2013-0764\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0764\n[ 22 ] CVE-2013-0765\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0765\n[ 23 ] CVE-2013-0766\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0766\n[ 24 ] CVE-2013-0767\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0767\n[ 25 ] CVE-2013-0768\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0768\n[ 26 ] CVE-2013-0769\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0769\n[ 27 ] CVE-2013-0770\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0770\n[ 28 ] CVE-2013-0771\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0771\n[ 29 ] CVE-2013-0772\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0772\n[ 30 ] CVE-2013-0773\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0773\n[ 31 ] CVE-2013-0774\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0774\n[ 32 ] CVE-2013-0775\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0775\n[ 33 ] CVE-2013-0776\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0776\n[ 34 ] CVE-2013-0777\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0777\n[ 35 ] CVE-2013-0778\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0778\n[ 36 ] CVE-2013-0779\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0779\n[ 37 ] CVE-2013-0780\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0780\n[ 38 ] CVE-2013-0781\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0781\n[ 39 ] CVE-2013-0782\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0782\n[ 40 ] CVE-2013-0783\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0783\n[ 41 ] CVE-2013-0784\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0784\n[ 42 ] CVE-2013-0787\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0787\n[ 43 ] CVE-2013-0788\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0788\n[ 44 ] CVE-2013-0789\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0789\n[ 45 ] CVE-2013-0791\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0791\n[ 46 ] CVE-2013-0792\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0792\n[ 47 ] CVE-2013-0793\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0793\n[ 48 ] CVE-2013-0794\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0794\n[ 49 ] CVE-2013-0795\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0795\n[ 50 ] CVE-2013-0796\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0796\n[ 51 ] CVE-2013-0797\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0797\n[ 52 ] CVE-2013-0799\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0799\n[ 53 ] CVE-2013-0800\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0800\n[ 54 ] CVE-2013-0801\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0801\n[ 55 ] CVE-2013-1670\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1670\n[ 56 ] CVE-2013-1671\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1671\n[ 57 ] CVE-2013-1674\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1674\n[ 58 ] CVE-2013-1675\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1675\n[ 59 ] CVE-2013-1676\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1676\n[ 60 ] CVE-2013-1677\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1677\n[ 61 ] CVE-2013-1678\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1678\n[ 62 ] CVE-2013-1679\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1679\n[ 63 ] CVE-2013-1680\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1680\n[ 64 ] CVE-2013-1681\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1681\n[ 65 ] CVE-2013-1682\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1682\n[ 66 ] CVE-2013-1684\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1684\n[ 67 ] CVE-2013-1687\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1687\n[ 68 ] CVE-2013-1690\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1690\n[ 69 ] CVE-2013-1692\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1692\n[ 70 ] CVE-2013-1693\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1693\n[ 71 ] CVE-2013-1694\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1694\n[ 72 ] CVE-2013-1697\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1697\n[ 73 ] CVE-2013-1701\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1701\n[ 74 ] CVE-2013-1702\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1702\n[ 75 ] CVE-2013-1704\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1704\n[ 76 ] CVE-2013-1705\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1705\n[ 77 ] CVE-2013-1707\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1707\n[ 78 ] CVE-2013-1708\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1708\n[ 79 ] CVE-2013-1709\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1709\n[ 80 ] CVE-2013-1710\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1710\n[ 81 ] CVE-2013-1711\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1711\n[ 82 ] CVE-2013-1712\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1712\n[ 83 ] CVE-2013-1713\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1713\n[ 84 ] CVE-2013-1714\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1714\n[ 85 ] CVE-2013-1717\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1717\n[ 86 ] CVE-2013-1718\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1718\n[ 87 ] CVE-2013-1719\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1719\n[ 88 ] CVE-2013-1720\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1720\n[ 89 ] CVE-2013-1722\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1722\n[ 90 ] CVE-2013-1723\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1723\n[ 91 ] CVE-2013-1724\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1724\n[ 92 ] CVE-2013-1725\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1725\n[ 93 ] CVE-2013-1726\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1726\n[ 94 ] CVE-2013-1728\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1728\n[ 95 ] CVE-2013-1730\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1730\n[ 96 ] CVE-2013-1732\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1732\n[ 97 ] CVE-2013-1735\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1735\n[ 98 ] CVE-2013-1736\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1736\n[ 99 ] CVE-2013-1737\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1737\n[ 100 ] CVE-2013-1738\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1738\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201309-23.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: firefox security update\nAdvisory ID: RHSA-2013:0696-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2013-0696.html\nIssue date: 2013-04-02\nCVE Names: CVE-2013-0788 CVE-2013-0793 CVE-2013-0795 \n CVE-2013-0796 CVE-2013-0800 \n=====================================================================\n\n1. Summary:\n\nUpdated firefox packages that fix several security issues are now available\nfor Red Hat Enterprise Linux 5 and 6. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRHEL Desktop Workstation (v. 5 client) - i386, x86_64\nRed Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64\nRed Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64\n\n3. Description:\n\nMozilla Firefox is an open source web browser. XULRunner provides the XUL\nRuntime environment for Mozilla Firefox. \n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. (CVE-2013-0788)\n\nA flaw was found in the way Same Origin Wrappers were implemented in\nFirefox. (CVE-2013-0795)\n\nA flaw was found in the embedded WebGL library in Firefox. A web page\ncontaining malicious content could cause Firefox to crash or, potentially,\nexecute arbitrary code with the privileges of the user running Firefox. \nNote: This issue only affected systems using the Intel Mesa graphics\ndrivers. (CVE-2013-0796)\n\nAn out-of-bounds write flaw was found in the embedded Cairo library in\nFirefox. A web page containing malicious content could cause Firefox to\ncrash or, potentially, execute arbitrary code with the privileges of the\nuser running Firefox. (CVE-2013-0800)\n\nA flaw was found in the way Firefox handled the JavaScript history\nfunctions. A malicious site could cause a web page to be displayed that has\na baseURI pointing to a different site, allowing cross-site scripting (XSS)\nand phishing attacks. (CVE-2013-0793)\n\nRed Hat would like to thank the Mozilla project for reporting these issues. \nUpstream acknowledges Olli Pettay, Jesse Ruderman, Boris Zbarsky, Christian\nHoller, Milan Sreckovic, Joe Drew, Cody Crews, miaubiz, Abhishek Arya, and\nMariusz Mlynski as the original reporters of these issues. \n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Firefox 17.0.5 ESR. You can find a link to the Mozilla\nadvisories in the References section of this erratum. \n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 17.0.5 ESR, which corrects these issues. After installing\nthe update, Firefox must be restarted for the changes to take effect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n946927 - CVE-2013-0788 Mozilla: Miscellaneous memory safety hazards (rv:17.0.5) (MFSA 2013-30)\n946929 - CVE-2013-0800 Mozilla: Out-of-bounds write in Cairo library (MFSA 2013-31)\n946931 - CVE-2013-0796 Mozilla: WebGL crash with Mesa graphics driver on Linux (MFSA 2013-35)\n946932 - CVE-2013-0795 Mozilla: Bypass of SOW protections allows cloning of protected nodes (MFSA 2013-36)\n946935 - CVE-2013-0793 Mozilla: Cross-site scripting (XSS) using timed history navigations (MFSA 2013-38)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 5 client):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/firefox-17.0.5-1.el5_9.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/firefox-17.0.5-1.el5_9.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/xulrunner-17.0.5-1.el5_9.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/xulrunner-17.0.5-1.el5_9.src.rpm\n\ni386:\nfirefox-17.0.5-1.el5_9.i386.rpm\nfirefox-17.0.5-1.el5_9.i386.rpm\nfirefox-debuginfo-17.0.5-1.el5_9.i386.rpm\nfirefox-debuginfo-17.0.5-1.el5_9.i386.rpm\nxulrunner-17.0.5-1.el5_9.i386.rpm\nxulrunner-17.0.5-1.el5_9.i386.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm\n\nx86_64:\nfirefox-17.0.5-1.el5_9.i386.rpm\nfirefox-17.0.5-1.el5_9.i386.rpm\nfirefox-17.0.5-1.el5_9.x86_64.rpm\nfirefox-17.0.5-1.el5_9.x86_64.rpm\nfirefox-debuginfo-17.0.5-1.el5_9.i386.rpm\nfirefox-debuginfo-17.0.5-1.el5_9.i386.rpm\nfirefox-debuginfo-17.0.5-1.el5_9.x86_64.rpm\nfirefox-debuginfo-17.0.5-1.el5_9.x86_64.rpm\nxulrunner-17.0.5-1.el5_9.i386.rpm\nxulrunner-17.0.5-1.el5_9.i386.rpm\nxulrunner-17.0.5-1.el5_9.x86_64.rpm\nxulrunner-17.0.5-1.el5_9.x86_64.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.x86_64.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.x86_64.rpm\n\nRHEL Desktop Workstation (v. 5 client):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/xulrunner-17.0.5-1.el5_9.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/xulrunner-17.0.5-1.el5_9.src.rpm\n\ni386:\nxulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm\nxulrunner-devel-17.0.5-1.el5_9.i386.rpm\nxulrunner-devel-17.0.5-1.el5_9.i386.rpm\n\nx86_64:\nxulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.x86_64.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.x86_64.rpm\nxulrunner-devel-17.0.5-1.el5_9.i386.rpm\nxulrunner-devel-17.0.5-1.el5_9.i386.rpm\nxulrunner-devel-17.0.5-1.el5_9.x86_64.rpm\nxulrunner-devel-17.0.5-1.el5_9.x86_64.rpm\n\nRed Hat Enterprise Linux (v. 5 server):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/firefox-17.0.5-1.el5_9.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/firefox-17.0.5-1.el5_9.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/xulrunner-17.0.5-1.el5_9.src.rpm\n\ni386:\nfirefox-17.0.5-1.el5_9.i386.rpm\nfirefox-17.0.5-1.el5_9.i386.rpm\nfirefox-debuginfo-17.0.5-1.el5_9.i386.rpm\nfirefox-debuginfo-17.0.5-1.el5_9.i386.rpm\nxulrunner-17.0.5-1.el5_9.i386.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm\nxulrunner-devel-17.0.5-1.el5_9.i386.rpm\nxulrunner-devel-17.0.5-1.el5_9.i386.rpm\n\nia64:\nfirefox-17.0.5-1.el5_9.ia64.rpm\nfirefox-17.0.5-1.el5_9.ia64.rpm\nfirefox-debuginfo-17.0.5-1.el5_9.ia64.rpm\nfirefox-debuginfo-17.0.5-1.el5_9.ia64.rpm\nxulrunner-17.0.5-1.el5_9.ia64.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.ia64.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.ia64.rpm\nxulrunner-devel-17.0.5-1.el5_9.ia64.rpm\nxulrunner-devel-17.0.5-1.el5_9.ia64.rpm\n\nppc:\nfirefox-17.0.5-1.el5_9.ppc.rpm\nfirefox-17.0.5-1.el5_9.ppc.rpm\nfirefox-debuginfo-17.0.5-1.el5_9.ppc.rpm\nfirefox-debuginfo-17.0.5-1.el5_9.ppc.rpm\nxulrunner-17.0.5-1.el5_9.ppc.rpm\nxulrunner-17.0.5-1.el5_9.ppc64.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.ppc.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.ppc.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.ppc64.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.ppc64.rpm\nxulrunner-devel-17.0.5-1.el5_9.ppc.rpm\nxulrunner-devel-17.0.5-1.el5_9.ppc64.rpm\n\ns390x:\nfirefox-17.0.5-1.el5_9.s390.rpm\nfirefox-17.0.5-1.el5_9.s390.rpm\nfirefox-17.0.5-1.el5_9.s390x.rpm\nfirefox-17.0.5-1.el5_9.s390x.rpm\nfirefox-debuginfo-17.0.5-1.el5_9.s390.rpm\nfirefox-debuginfo-17.0.5-1.el5_9.s390.rpm\nfirefox-debuginfo-17.0.5-1.el5_9.s390x.rpm\nfirefox-debuginfo-17.0.5-1.el5_9.s390x.rpm\nxulrunner-17.0.5-1.el5_9.s390.rpm\nxulrunner-17.0.5-1.el5_9.s390x.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.s390.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.s390.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.s390x.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.s390x.rpm\nxulrunner-devel-17.0.5-1.el5_9.s390.rpm\nxulrunner-devel-17.0.5-1.el5_9.s390x.rpm\n\nx86_64:\nfirefox-17.0.5-1.el5_9.i386.rpm\nfirefox-17.0.5-1.el5_9.i386.rpm\nfirefox-17.0.5-1.el5_9.x86_64.rpm\nfirefox-17.0.5-1.el5_9.x86_64.rpm\nfirefox-debuginfo-17.0.5-1.el5_9.i386.rpm\nfirefox-debuginfo-17.0.5-1.el5_9.i386.rpm\nfirefox-debuginfo-17.0.5-1.el5_9.x86_64.rpm\nfirefox-debuginfo-17.0.5-1.el5_9.x86_64.rpm\nxulrunner-17.0.5-1.el5_9.i386.rpm\nxulrunner-17.0.5-1.el5_9.x86_64.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.i386.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.x86_64.rpm\nxulrunner-debuginfo-17.0.5-1.el5_9.x86_64.rpm\nxulrunner-devel-17.0.5-1.el5_9.i386.rpm\nxulrunner-devel-17.0.5-1.el5_9.i386.rpm\nxulrunner-devel-17.0.5-1.el5_9.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/firefox-17.0.5-1.el6_4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/firefox-17.0.5-1.el6_4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm\n\ni386:\nfirefox-17.0.5-1.el6_4.i686.rpm\nfirefox-17.0.5-1.el6_4.i686.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.i686.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-17.0.5-1.el6_4.i686.rpm\nxulrunner-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\n\nx86_64:\nfirefox-17.0.5-1.el6_4.i686.rpm\nfirefox-17.0.5-1.el6_4.i686.rpm\nfirefox-17.0.5-1.el6_4.x86_64.rpm\nfirefox-17.0.5-1.el6_4.x86_64.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.i686.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.i686.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.x86_64.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-17.0.5-1.el6_4.i686.rpm\nxulrunner-17.0.5-1.el6_4.i686.rpm\nxulrunner-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm\n\ni386:\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-devel-17.0.5-1.el6_4.i686.rpm\nxulrunner-devel-17.0.5-1.el6_4.i686.rpm\n\nx86_64:\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-devel-17.0.5-1.el6_4.i686.rpm\nxulrunner-devel-17.0.5-1.el6_4.i686.rpm\nxulrunner-devel-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-devel-17.0.5-1.el6_4.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/firefox-17.0.5-1.el6_4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/firefox-17.0.5-1.el6_4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm\n\nx86_64:\nfirefox-17.0.5-1.el6_4.i686.rpm\nfirefox-17.0.5-1.el6_4.i686.rpm\nfirefox-17.0.5-1.el6_4.x86_64.rpm\nfirefox-17.0.5-1.el6_4.x86_64.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.i686.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.i686.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.x86_64.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-17.0.5-1.el6_4.i686.rpm\nxulrunner-17.0.5-1.el6_4.i686.rpm\nxulrunner-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-devel-17.0.5-1.el6_4.i686.rpm\nxulrunner-devel-17.0.5-1.el6_4.i686.rpm\nxulrunner-devel-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-devel-17.0.5-1.el6_4.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/firefox-17.0.5-1.el6_4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/firefox-17.0.5-1.el6_4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm\n\ni386:\nfirefox-17.0.5-1.el6_4.i686.rpm\nfirefox-17.0.5-1.el6_4.i686.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.i686.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-17.0.5-1.el6_4.i686.rpm\nxulrunner-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\n\nppc64:\nfirefox-17.0.5-1.el6_4.ppc.rpm\nfirefox-17.0.5-1.el6_4.ppc.rpm\nfirefox-17.0.5-1.el6_4.ppc64.rpm\nfirefox-17.0.5-1.el6_4.ppc64.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.ppc.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.ppc.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.ppc64.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.ppc64.rpm\nxulrunner-17.0.5-1.el6_4.ppc.rpm\nxulrunner-17.0.5-1.el6_4.ppc.rpm\nxulrunner-17.0.5-1.el6_4.ppc64.rpm\nxulrunner-17.0.5-1.el6_4.ppc64.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.ppc.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.ppc.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.ppc64.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.ppc64.rpm\n\ns390x:\nfirefox-17.0.5-1.el6_4.s390.rpm\nfirefox-17.0.5-1.el6_4.s390.rpm\nfirefox-17.0.5-1.el6_4.s390x.rpm\nfirefox-17.0.5-1.el6_4.s390x.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.s390.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.s390.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.s390x.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.s390x.rpm\nxulrunner-17.0.5-1.el6_4.s390.rpm\nxulrunner-17.0.5-1.el6_4.s390.rpm\nxulrunner-17.0.5-1.el6_4.s390x.rpm\nxulrunner-17.0.5-1.el6_4.s390x.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.s390.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.s390.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.s390x.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.s390x.rpm\n\nx86_64:\nfirefox-17.0.5-1.el6_4.i686.rpm\nfirefox-17.0.5-1.el6_4.i686.rpm\nfirefox-17.0.5-1.el6_4.x86_64.rpm\nfirefox-17.0.5-1.el6_4.x86_64.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.i686.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.i686.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.x86_64.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-17.0.5-1.el6_4.i686.rpm\nxulrunner-17.0.5-1.el6_4.i686.rpm\nxulrunner-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm\n\ni386:\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-devel-17.0.5-1.el6_4.i686.rpm\nxulrunner-devel-17.0.5-1.el6_4.i686.rpm\n\nppc64:\nxulrunner-debuginfo-17.0.5-1.el6_4.ppc.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.ppc.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.ppc64.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.ppc64.rpm\nxulrunner-devel-17.0.5-1.el6_4.ppc.rpm\nxulrunner-devel-17.0.5-1.el6_4.ppc.rpm\nxulrunner-devel-17.0.5-1.el6_4.ppc64.rpm\nxulrunner-devel-17.0.5-1.el6_4.ppc64.rpm\n\ns390x:\nxulrunner-debuginfo-17.0.5-1.el6_4.s390.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.s390.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.s390x.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.s390x.rpm\nxulrunner-devel-17.0.5-1.el6_4.s390.rpm\nxulrunner-devel-17.0.5-1.el6_4.s390.rpm\nxulrunner-devel-17.0.5-1.el6_4.s390x.rpm\nxulrunner-devel-17.0.5-1.el6_4.s390x.rpm\n\nx86_64:\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-devel-17.0.5-1.el6_4.i686.rpm\nxulrunner-devel-17.0.5-1.el6_4.i686.rpm\nxulrunner-devel-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-devel-17.0.5-1.el6_4.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/firefox-17.0.5-1.el6_4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/firefox-17.0.5-1.el6_4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm\n\ni386:\nfirefox-17.0.5-1.el6_4.i686.rpm\nfirefox-17.0.5-1.el6_4.i686.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.i686.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-17.0.5-1.el6_4.i686.rpm\nxulrunner-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\n\nx86_64:\nfirefox-17.0.5-1.el6_4.i686.rpm\nfirefox-17.0.5-1.el6_4.i686.rpm\nfirefox-17.0.5-1.el6_4.x86_64.rpm\nfirefox-17.0.5-1.el6_4.x86_64.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.i686.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.i686.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.x86_64.rpm\nfirefox-debuginfo-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-17.0.5-1.el6_4.i686.rpm\nxulrunner-17.0.5-1.el6_4.i686.rpm\nxulrunner-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/xulrunner-17.0.5-1.el6_4.src.rpm\n\ni386:\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-devel-17.0.5-1.el6_4.i686.rpm\nxulrunner-devel-17.0.5-1.el6_4.i686.rpm\n\nx86_64:\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.i686.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-debuginfo-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-devel-17.0.5-1.el6_4.i686.rpm\nxulrunner-devel-17.0.5-1.el6_4.i686.rpm\nxulrunner-devel-17.0.5-1.el6_4.x86_64.rpm\nxulrunner-devel-17.0.5-1.el6_4.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2013-0788.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0793.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0795.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0796.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0800.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2013 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFRWzt5XlSAg2UNWIIRAobXAJ9/uirvEeOiGpegRbi/Fdtv9BRXUACeMYpK\ntaMjOQZpo7Ea1JPyhBWhy7M=\n=2sCd\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nNote: All issues except CVE-2013-0800 cannot be exploited by a\nspecially-crafted HTML mail message as JavaScript is disabled by default\nfor mail messages. They could be exploited another way in Thunderbird, for\nexample, when viewing the full remote content of an RSS feed. A crafted PNG image could use this flaw to leak\n data through rendered images drawing from random memory. \n \n Security researcher Mariusz Mlynski reported a method to use browser\n navigations through history to load an arbitrary website with that\n page\u0026#039;s baseURI property pointing to another site instead of the\n seemingly loaded one. The user will continue to see the incorrect\n site in the addressbar of the browser. This allows violation of the browser\u0026#039;s same origin\n policy and could also lead to privilege escalation and the execution\n of arbitrary code (CVE-2013-0795). \n \n Security researcher miaubiz used the Address Sanitizer tool to\n discover a crash in WebGL rendering when memory is freed that has\n not previously been allocated. The resulting crash could be\n potentially exploitable (CVE-2013-0796). When certain values\n are passed to it during rendering, Cairo attempts to use negative\n boundaries or sizes for boxes, leading to a potentially exploitable\n crash in some instances (CVE-2013-0800). \n \n Mozilla developers identified and fixed several memory safety\n bugs in the browser engine used in Firefox and other Mozilla-based\n products. Some of these bugs showed evidence of memory corruption under\n certain circumstances, and we presume that with enough effort at least\n some of these could be exploited to run arbitrary code (CVE-2013-0788). \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0792\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0793\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0795\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0796\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0800\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0788\n http://www.mozilla.org/security/announce/2013/mfsa2013-39.html\n http://www.mozilla.org/security/announce/2013/mfsa2013-38.html\n http://www.mozilla.org/security/announce/2013/mfsa2013-36.html\n http://www.mozilla.org/security/announce/2013/mfsa2013-35.html\n http://www.mozilla.org/security/announce/2013/mfsa2013-31.html\n http://www.mozilla.org/security/announce/2013/mfsa2013-30.html\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Enterprise Server 5:\n 0db2c1631a956f6147230a099f1d2d68 mes5/i586/firefox-17.0.5-0.1mdvmes5.2.i586.rpm\n b6accdf420ac5eb3dbea29d283fff049 mes5/i586/firefox-af-17.0.5-0.1mdvmes5.2.i586.rpm\n a434d7ee9d360c2b555873e8c93aac2a mes5/i586/firefox-ar-17.0.5-0.1mdvmes5.2.i586.rpm\n 3b64b73c7cb465fee179b140656a065d mes5/i586/firefox-be-17.0.5-0.1mdvmes5.2.i586.rpm\n 967b03abad307a338d0709df85e1ec1e mes5/i586/firefox-bg-17.0.5-0.1mdvmes5.2.i586.rpm\n 715fef97490152afcea942e32d9f8fae mes5/i586/firefox-bn-17.0.5-0.1mdvmes5.2.i586.rpm\n 46bac62630e189f9d6f7f2d90a5e1c4e mes5/i586/firefox-ca-17.0.5-0.1mdvmes5.2.i586.rpm\n 64143512420338cc54a073be91ccbf9d mes5/i586/firefox-cs-17.0.5-0.1mdvmes5.2.i586.rpm\n ba627030e474fb62caf34b2280e2432f mes5/i586/firefox-cy-17.0.5-0.1mdvmes5.2.i586.rpm\n d2ba69795c243c8aad3e56f1ba3190b4 mes5/i586/firefox-da-17.0.5-0.1mdvmes5.2.i586.rpm\n 81473710741c44e227e930f512a890d7 mes5/i586/firefox-de-17.0.5-0.1mdvmes5.2.i586.rpm\n 7d787c3a0eabf7b514083f267037cbdd mes5/i586/firefox-devel-17.0.5-0.1mdvmes5.2.i586.rpm\n f279d611e9a8233cec0090439e0bbc30 mes5/i586/firefox-el-17.0.5-0.1mdvmes5.2.i586.rpm\n 5ad88edccb4a8cb75d58464ed2201e2a mes5/i586/firefox-en_GB-17.0.5-0.1mdvmes5.2.i586.rpm\n 7c2bdafe6cf1219d33df634b40ca7f33 mes5/i586/firefox-eo-17.0.5-0.1mdvmes5.2.i586.rpm\n 6e8e3cc43e1b5326d886780d5409ff57 mes5/i586/firefox-es_AR-17.0.5-0.1mdvmes5.2.i586.rpm\n 8608ba9849ea4f56ac60475ccfc3acd7 mes5/i586/firefox-es_ES-17.0.5-0.1mdvmes5.2.i586.rpm\n b6de17fad95679a08dfc420f51d5e0fa mes5/i586/firefox-et-17.0.5-0.1mdvmes5.2.i586.rpm\n 7d5281fe391c7bcbc4f49369e00ce6f0 mes5/i586/firefox-eu-17.0.5-0.1mdvmes5.2.i586.rpm\n dfacd04856fb4529fb0ebdabbad374f9 mes5/i586/firefox-fi-17.0.5-0.1mdvmes5.2.i586.rpm\n b98f1800a67f8fec9dcbca77edd41ac4 mes5/i586/firefox-fr-17.0.5-0.1mdvmes5.2.i586.rpm\n eed03047da1e7642f207cb8821dbd95f mes5/i586/firefox-fy-17.0.5-0.1mdvmes5.2.i586.rpm\n 3f110cc8c73665a709b97bf554b835cc mes5/i586/firefox-ga_IE-17.0.5-0.1mdvmes5.2.i586.rpm\n 0ad55037b7527a452626a84dade35f56 mes5/i586/firefox-gl-17.0.5-0.1mdvmes5.2.i586.rpm\n e0272d903a0f8b1c938dded3626ac89a mes5/i586/firefox-gu_IN-17.0.5-0.1mdvmes5.2.i586.rpm\n 6bdc9c6edcc036122d131b6bf5a341ec mes5/i586/firefox-he-17.0.5-0.1mdvmes5.2.i586.rpm\n 8fd0ad163782a228e9176f1618dbae2f mes5/i586/firefox-hi-17.0.5-0.1mdvmes5.2.i586.rpm\n cef589c92b95defd03297a43a4a65e65 mes5/i586/firefox-hu-17.0.5-0.1mdvmes5.2.i586.rpm\n 6a4e24d1c59f774cab7ea341dedde5e5 mes5/i586/firefox-id-17.0.5-0.1mdvmes5.2.i586.rpm\n 617d63908bfa91b171a5e40acdfbb058 mes5/i586/firefox-is-17.0.5-0.1mdvmes5.2.i586.rpm\n 89d72f5231e362ffbcb74c5ebd9d2789 mes5/i586/firefox-it-17.0.5-0.1mdvmes5.2.i586.rpm\n 46e283185529cf7e3b55208e928d3e21 mes5/i586/firefox-ja-17.0.5-0.1mdvmes5.2.i586.rpm\n 9cb48d986cb94e843740461ccdc7e344 mes5/i586/firefox-kn-17.0.5-0.1mdvmes5.2.i586.rpm\n b4a30b6ae86cf07f9e15a5921ccf367c mes5/i586/firefox-ko-17.0.5-0.1mdvmes5.2.i586.rpm\n 447af559ce4a0a7cd0ff00ad81466966 mes5/i586/firefox-ku-17.0.5-0.1mdvmes5.2.i586.rpm\n f16fa703cc4611f42ef618a2709467ce mes5/i586/firefox-lt-17.0.5-0.1mdvmes5.2.i586.rpm\n f2f05879c892085be5d0fa4e9c787ae7 mes5/i586/firefox-lv-17.0.5-0.1mdvmes5.2.i586.rpm\n f166cef7eeae485e939a9964df355ffe mes5/i586/firefox-mk-17.0.5-0.1mdvmes5.2.i586.rpm\n a2d9533d98cd613ff49ace2dd3c4aaaf mes5/i586/firefox-mr-17.0.5-0.1mdvmes5.2.i586.rpm\n 04e604773ab19ad5060c53d906c7d222 mes5/i586/firefox-nb_NO-17.0.5-0.1mdvmes5.2.i586.rpm\n ea691e1ecd5cfac906a077614841100f mes5/i586/firefox-nl-17.0.5-0.1mdvmes5.2.i586.rpm\n 0b7dac86ef507b78504a6f507d2b82b6 mes5/i586/firefox-nn_NO-17.0.5-0.1mdvmes5.2.i586.rpm\n b5a1616579bd3804eb500a75aa9b040e mes5/i586/firefox-pa_IN-17.0.5-0.1mdvmes5.2.i586.rpm\n abca5b749f468af02e0d94e2c8b00ac1 mes5/i586/firefox-pl-17.0.5-0.1mdvmes5.2.i586.rpm\n 2585fe186ebb3b81ae4e3b4c4ed73442 mes5/i586/firefox-pt_BR-17.0.5-0.1mdvmes5.2.i586.rpm\n 416bbd1fc256861429b3fd78f7d83ef1 mes5/i586/firefox-pt_PT-17.0.5-0.1mdvmes5.2.i586.rpm\n 3d66426c2548c0ba2746c4c36a9db708 mes5/i586/firefox-ro-17.0.5-0.1mdvmes5.2.i586.rpm\n ae4fc0951b14c00d6656540e7d38e22e mes5/i586/firefox-ru-17.0.5-0.1mdvmes5.2.i586.rpm\n d323216cc380f286ff0c990062cdbd43 mes5/i586/firefox-si-17.0.5-0.1mdvmes5.2.i586.rpm\n a0edc229b50354a66d6c6152fc082395 mes5/i586/firefox-sk-17.0.5-0.1mdvmes5.2.i586.rpm\n 7d5edda5ddd9064dec3b85ecc7102f19 mes5/i586/firefox-sl-17.0.5-0.1mdvmes5.2.i586.rpm\n 277d4c09d495b4b8bb0c7e715761f267 mes5/i586/firefox-sq-17.0.5-0.1mdvmes5.2.i586.rpm\n 3d601400d0df895c73a5ebb064f4f016 mes5/i586/firefox-sr-17.0.5-0.1mdvmes5.2.i586.rpm\n f5f9e7bbe47f6fba7042f2bf5a61d28e mes5/i586/firefox-sv_SE-17.0.5-0.1mdvmes5.2.i586.rpm\n ec8dc022734c08dab5183405efa6d0c1 mes5/i586/firefox-te-17.0.5-0.1mdvmes5.2.i586.rpm\n 242b490062337f7f4f4b8169fb8c91d5 mes5/i586/firefox-th-17.0.5-0.1mdvmes5.2.i586.rpm\n 3f2fe42cd27e1c751513a561df7fb5a7 mes5/i586/firefox-tr-17.0.5-0.1mdvmes5.2.i586.rpm\n e5a6d7e6b9981687ca062526a14c7056 mes5/i586/firefox-uk-17.0.5-0.1mdvmes5.2.i586.rpm\n 8ad451f2a167af24160826bb6d054593 mes5/i586/firefox-zh_CN-17.0.5-0.1mdvmes5.2.i586.rpm\n 3d1c7ee791874a416ed2bf5847fa6ad7 mes5/i586/firefox-zh_TW-17.0.5-0.1mdvmes5.2.i586.rpm\n 0c338be36acdbe8c79655cfeac88627a mes5/i586/icedtea-web-1.3.1-0.3mdvmes5.2.i586.rpm\n 807123e3063f730d05282bf43f3dda6a mes5/i586/icedtea-web-javadoc-1.3.1-0.3mdvmes5.2.i586.rpm\n 7380860d463c5b198f74b592e51031f1 mes5/i586/libnspr4-4.9.6-0.1mdvmes5.2.i586.rpm\n 58137e16b3eb8e9655ceef99f4ec1fc7 mes5/i586/libnspr-devel-4.9.6-0.1mdvmes5.2.i586.rpm\n 6cb4ca4131bce6f48ff8d347ded8236d mes5/i586/libxulrunner17.0.5-17.0.5-0.1mdvmes5.2.i586.rpm\n 5c7ea7a5a52630606b7e71d61ac5c738 mes5/i586/libxulrunner-devel-17.0.5-0.1mdvmes5.2.i586.rpm\n 41f2f6022487aabc48b573620111b6b8 mes5/i586/xulrunner-17.0.5-0.1mdvmes5.2.i586.rpm \n 2a3a774ee0094a48cf108ed120ba227a mes5/SRPMS/firefox-17.0.5-0.1mdvmes5.2.src.rpm\n 58a810253d11b6af76cf1bcce6a3e7b4 mes5/SRPMS/firefox-l10n-17.0.5-0.1mdvmes5.2.src.rpm\n 5add3a80120b73f5ed97c9dd02837c58 mes5/SRPMS/icedtea-web-1.3.1-0.3mdvmes5.2.src.rpm\n 6d70b7e57cc741f0b587a1effee81fb4 mes5/SRPMS/nspr-4.9.6-0.1mdvmes5.2.src.rpm\n d7f835773038004ff8995ef676f8397e mes5/SRPMS/xulrunner-17.0.5-0.1mdvmes5.2.src.rpm\n\n Mandriva Enterprise Server 5/X86_64:\n 352b4b9c3ec49226611acfff2586132d mes5/x86_64/firefox-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 29388b8d4da203e932710f8b98630932 mes5/x86_64/firefox-af-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 35c9f59f4ce87eb7c64b89e60220ebb3 mes5/x86_64/firefox-ar-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 204c1013d7e6d3925a73ff3c62ce6c14 mes5/x86_64/firefox-be-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 43fdfdbedaf5a13fe6396775731a1835 mes5/x86_64/firefox-bg-17.0.5-0.1mdvmes5.2.x86_64.rpm\n d800fa786bef5538692c6b8fffb2f1b3 mes5/x86_64/firefox-bn-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 74cb34c33f9d0f070338dd49332bbdd1 mes5/x86_64/firefox-ca-17.0.5-0.1mdvmes5.2.x86_64.rpm\n fca54be2cf51319542bca20cedf9dff6 mes5/x86_64/firefox-cs-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 10b6de867fa24ab60c419fd9b314723c mes5/x86_64/firefox-cy-17.0.5-0.1mdvmes5.2.x86_64.rpm\n eb67b095d7490b5bc24c85bc8652fed9 mes5/x86_64/firefox-da-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 7761e055af6b87172b2a05f9dc671d99 mes5/x86_64/firefox-de-17.0.5-0.1mdvmes5.2.x86_64.rpm\n b4ede22d5b768e082d47d2702fb71221 mes5/x86_64/firefox-devel-17.0.5-0.1mdvmes5.2.x86_64.rpm\n a359d0468b6217c59eb88771f2e799b2 mes5/x86_64/firefox-el-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 4e58ae7627f5d6d0ba4d7c215c252611 mes5/x86_64/firefox-en_GB-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 777062d66c8b57c59dc72c60bcade5aa mes5/x86_64/firefox-eo-17.0.5-0.1mdvmes5.2.x86_64.rpm\n c2b069c9c0105d85c5946f542204a7c7 mes5/x86_64/firefox-es_AR-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 2a39a098a5b39dee19347f18c033f8c5 mes5/x86_64/firefox-es_ES-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 412516e1b5a4b4b8b3a7eaf8d2b7806e mes5/x86_64/firefox-et-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 5225e8ac59ee14a9fe5653e8afaa96b4 mes5/x86_64/firefox-eu-17.0.5-0.1mdvmes5.2.x86_64.rpm\n e91755da5dc3a6481ef5fd87b66dc2b3 mes5/x86_64/firefox-fi-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 6c3c9ffddeb301345539516a2128870b mes5/x86_64/firefox-fr-17.0.5-0.1mdvmes5.2.x86_64.rpm\n f90bff71593d02e29a6801fb30196522 mes5/x86_64/firefox-fy-17.0.5-0.1mdvmes5.2.x86_64.rpm\n e36128274f24c1e3a905c6834dbd3431 mes5/x86_64/firefox-ga_IE-17.0.5-0.1mdvmes5.2.x86_64.rpm\n c1d8d7d3060a4a63ecf56e516d704322 mes5/x86_64/firefox-gl-17.0.5-0.1mdvmes5.2.x86_64.rpm\n fce3e57a97a18461e6784f27c9b5f982 mes5/x86_64/firefox-gu_IN-17.0.5-0.1mdvmes5.2.x86_64.rpm\n d567bdbe94970ce762fbbec34566271e mes5/x86_64/firefox-he-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 68a74e20c4ee64127e275d443052a0aa mes5/x86_64/firefox-hi-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 65eeb5076b7e049d2212f88e8e3a5d2b mes5/x86_64/firefox-hu-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 7906c9372d2db0981a0f1fc5d068781f mes5/x86_64/firefox-id-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 39174043fdecada0715aae758b111931 mes5/x86_64/firefox-is-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 391b93959169588a74801efb2baeb048 mes5/x86_64/firefox-it-17.0.5-0.1mdvmes5.2.x86_64.rpm\n de1e0b1e3b0e2c1b91b3b9d8250b042d mes5/x86_64/firefox-ja-17.0.5-0.1mdvmes5.2.x86_64.rpm\n c465364f97f2c2cb891ff5866f7b2048 mes5/x86_64/firefox-kn-17.0.5-0.1mdvmes5.2.x86_64.rpm\n dd25c3ffde3ac083a3bd439855ab9e66 mes5/x86_64/firefox-ko-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 0af917c3141a800843563b56e634e4b9 mes5/x86_64/firefox-ku-17.0.5-0.1mdvmes5.2.x86_64.rpm\n d17896516e04d7b2483c449c07018c1a mes5/x86_64/firefox-lt-17.0.5-0.1mdvmes5.2.x86_64.rpm\n e7925f0f39dd9cc0be8e390ff5b2511a mes5/x86_64/firefox-lv-17.0.5-0.1mdvmes5.2.x86_64.rpm\n aa7dada147bc0ee6e14de44582148245 mes5/x86_64/firefox-mk-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 12eeadd008b58a4c51c396a3296c6876 mes5/x86_64/firefox-mr-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 6043540a8e8edd39b06c8dbde4bbac6a mes5/x86_64/firefox-nb_NO-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 0967142165225c2d0cde356bdf91af38 mes5/x86_64/firefox-nl-17.0.5-0.1mdvmes5.2.x86_64.rpm\n fe4d07e0a85ee4cf0a3ed65c4a24e561 mes5/x86_64/firefox-nn_NO-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 18c355a3a4ecbed10dd933a2c0cee658 mes5/x86_64/firefox-pa_IN-17.0.5-0.1mdvmes5.2.x86_64.rpm\n fdb47ab94213fde94caca5c0e956ad0a mes5/x86_64/firefox-pl-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 26659783f49eb63504f8240af15c46ef mes5/x86_64/firefox-pt_BR-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 003887926df53eea9cd2c728ce2f2613 mes5/x86_64/firefox-pt_PT-17.0.5-0.1mdvmes5.2.x86_64.rpm\n f26a734cc64f5630d5763501789af036 mes5/x86_64/firefox-ro-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 2055c8a4b5ab208de8bb7fc03df6f6ad mes5/x86_64/firefox-ru-17.0.5-0.1mdvmes5.2.x86_64.rpm\n eb5a279167efdded2ec946f1174885da mes5/x86_64/firefox-si-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 0884722ce24c5dc947a1693b72ab87a8 mes5/x86_64/firefox-sk-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 9ec578bd6111680976755026eee9736f mes5/x86_64/firefox-sl-17.0.5-0.1mdvmes5.2.x86_64.rpm\n d3ed346a9201d1c43ec0addd91404407 mes5/x86_64/firefox-sq-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 7a3c688c303f03f13d370e078ef527d8 mes5/x86_64/firefox-sr-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 679acfed547f9ed80a7515a4ac955990 mes5/x86_64/firefox-sv_SE-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 94bf66782b9ffd747482d41526527b5f mes5/x86_64/firefox-te-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 9b37e1edaa79527f9bb7159e39be108c mes5/x86_64/firefox-th-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 2a6557c6d334dc4020f3cd2ba2235a0d mes5/x86_64/firefox-tr-17.0.5-0.1mdvmes5.2.x86_64.rpm\n c95479524cf439150d838ecd163e7040 mes5/x86_64/firefox-uk-17.0.5-0.1mdvmes5.2.x86_64.rpm\n aa31ef1321eff4e86d98acfac020fb25 mes5/x86_64/firefox-zh_CN-17.0.5-0.1mdvmes5.2.x86_64.rpm\n d539dfb331ec70a69828f7665686d9b0 mes5/x86_64/firefox-zh_TW-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 2028cbbf55353a75366c9cb191efd67c mes5/x86_64/icedtea-web-1.3.1-0.3mdvmes5.2.x86_64.rpm\n 734ae27edc8c1026bca9947d70fd3fb7 mes5/x86_64/icedtea-web-javadoc-1.3.1-0.3mdvmes5.2.x86_64.rpm\n be78699f862f4a1d199248510e20ce1b mes5/x86_64/lib64nspr4-4.9.6-0.1mdvmes5.2.x86_64.rpm\n f62ab4de8ca959c4ff3990c92ea2427b mes5/x86_64/lib64nspr-devel-4.9.6-0.1mdvmes5.2.x86_64.rpm\n e94bbf818cfa59f67f7e5e75daf2726d mes5/x86_64/lib64xulrunner17.0.5-17.0.5-0.1mdvmes5.2.x86_64.rpm\n aecb7c59434a3330e7cb64bb6e7d902c mes5/x86_64/lib64xulrunner-devel-17.0.5-0.1mdvmes5.2.x86_64.rpm\n 531f21b03dbffa6024943663c1ba9e64 mes5/x86_64/xulrunner-17.0.5-0.1mdvmes5.2.x86_64.rpm \n 2a3a774ee0094a48cf108ed120ba227a mes5/SRPMS/firefox-17.0.5-0.1mdvmes5.2.src.rpm\n 58a810253d11b6af76cf1bcce6a3e7b4 mes5/SRPMS/firefox-l10n-17.0.5-0.1mdvmes5.2.src.rpm\n 5add3a80120b73f5ed97c9dd02837c58 mes5/SRPMS/icedtea-web-1.3.1-0.3mdvmes5.2.src.rpm\n 6d70b7e57cc741f0b587a1effee81fb4 mes5/SRPMS/nspr-4.9.6-0.1mdvmes5.2.src.rpm\n d7f835773038004ff8995ef676f8397e mes5/SRPMS/xulrunner-17.0.5-0.1mdvmes5.2.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/en/support/security/advisories/\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.12 (GNU/Linux)\n\niD8DBQFRZBk1mqjQ0CJFipgRAplSAJ44faYKLDitsBC24gBnRhdQycVEmgCgq1FV\nwMd/SGhxwMMZZ8YXJEH7z9g=\n=83zI\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-0793"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002129"
},
{
"db": "BID",
"id": "58837"
},
{
"db": "PACKETSTORM",
"id": "121086"
},
{
"db": "PACKETSTORM",
"id": "121085"
},
{
"db": "PACKETSTORM",
"id": "121133"
},
{
"db": "PACKETSTORM",
"id": "123420"
},
{
"db": "PACKETSTORM",
"id": "121049"
},
{
"db": "PACKETSTORM",
"id": "121050"
},
{
"db": "PACKETSTORM",
"id": "121190"
}
],
"trust": 2.52
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2013-0793",
"trust": 3.4
},
{
"db": "BID",
"id": "58837",
"trust": 1.3
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002129",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "52830",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "52293",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "52888",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "52831",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "52770",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201304-047",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "121086",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "121085",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "121133",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123420",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "121049",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "121050",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "121190",
"trust": 0.1
}
],
"sources": [
{
"db": "BID",
"id": "58837"
},
{
"db": "PACKETSTORM",
"id": "121086"
},
{
"db": "PACKETSTORM",
"id": "121085"
},
{
"db": "PACKETSTORM",
"id": "121133"
},
{
"db": "PACKETSTORM",
"id": "123420"
},
{
"db": "PACKETSTORM",
"id": "121049"
},
{
"db": "PACKETSTORM",
"id": "121050"
},
{
"db": "PACKETSTORM",
"id": "121190"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-047"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002129"
},
{
"db": "NVD",
"id": "CVE-2013-0793"
}
]
},
"id": "VAR-201304-0062",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 1.0
},
"last_update_date": "2026-04-10T23:21:40.444000Z",
"patch": {
"_id": null,
"data": [
{
"title": "DSA-2699",
"trust": 0.8,
"url": "http://www.debian.org/security/2013/dsa-2699"
},
{
"title": "MFSA2013-38",
"trust": 0.8,
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-38.html"
},
{
"title": "MFSA2013-38",
"trust": 0.8,
"url": "http://www.mozilla-japan.org/security/announce/2013/mfsa2013-38.html"
},
{
"title": "openSUSE-SU-2013:0630",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00009.html"
},
{
"title": "openSUSE-SU-2013:0631",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00010.html"
},
{
"title": "SUSE-SU-2013:0645",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00013.html"
},
{
"title": "SUSE-SU-2013:0850",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00019.html"
},
{
"title": "openSUSE-SU-2013:0875",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00012.html"
},
{
"title": "RHSA-2013:0697",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2013-0697.html"
},
{
"title": "RHSA-2013:0696",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2013-0696.html"
},
{
"title": "USN-1791-1",
"trust": 0.8,
"url": "http://www.ubuntu.com/usn/USN-1791-1"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-002129"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-002129"
},
{
"db": "NVD",
"id": "CVE-2013-0793"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.0,
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-38.html"
},
{
"trust": 1.6,
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=803870"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-1791-1"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2013-0696.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2013-0697.html"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a16928"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00013.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00009.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00010.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2013/dsa-2699"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00019.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00012.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/58837"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0793"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0793"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0793"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0796"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0795"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0800"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52293"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52770"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52830"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52831"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52888"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0788"
},
{
"trust": 0.3,
"url": "http://www.avantbrowser.com/new.aspx?uil=en-us#13000000107"
},
{
"trust": 0.3,
"url": "http://www.mozilla.org/projects/seamonkey/"
},
{
"trust": 0.3,
"url": "http://www.mozilla.org/products/thunderbird/"
},
{
"trust": 0.3,
"url": "http://www.palemoon.org/releasenotes-ng.shtml"
},
{
"trust": 0.3,
"url": "http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2014-0676"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100172166"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=ssg1s1004390"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0792"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0791"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0794"
},
{
"trust": 0.2,
"url": "https://launchpad.net/bugs/1161422"
},
{
"trust": 0.2,
"url": "http://www.ubuntu.com/usn/usn-1786-1"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0788.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0796.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0800.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0795.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0793.html"
},
{
"trust": 0.2,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/knowledge/articles/11258"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-1786-2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/unity-firefox-extension/2.4.4-0ubuntu0.2"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0789"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/firefox/20.0+build1-0ubuntu0.12.04.3"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/firefox/20.0+build1-0ubuntu0.11.10.3"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/firefox/20.0+build1-0ubuntu0.12.10.3"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/firefox/20.0+build1-0ubuntu0.10.04.3"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/thunderbird/17.0.5+build1-0ubuntu0.12.10.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/thunderbird/17.0.5+build1-0ubuntu0.11.10.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/thunderbird/17.0.5+build1-0ubuntu0.10.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/thunderbird/17.0.5+build1-0ubuntu0.12.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/bugs/1162043"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0761"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0754"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0800"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0789"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0766"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0773"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0756"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0749"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0750"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0761"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1675"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1736"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0797"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1692"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1711"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0759"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0753"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0746"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0752"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0767"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1722"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0770"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0783"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0759"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0768"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0792"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0760"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1718"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0780"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0791"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1697"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0757"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0793"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0782"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1705"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1719"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0764"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0765"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0768"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0760"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1690"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0757"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0776"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1737"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0771"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0775"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0777"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0778"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0795"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0767"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0794"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1681"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0748"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1725"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0762"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1701"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1670"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0799"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0749"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1702"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0769"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0784"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1712"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1687"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0772"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1713"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1714"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0745"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0750"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0756"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0747"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1682"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0796"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0763"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0751"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0779"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0748"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1724"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1674"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1709"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0765"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0781"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0744"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0747"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1707"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0758"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1738"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1671"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0753"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0754"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1679"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1680"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0752"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0745"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1720"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1684"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0787"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0762"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1693"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1710"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0764"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0788"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201309-23.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0744"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0751"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0755"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0763"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1694"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1726"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1730"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0771"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0766"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0801"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0769"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1723"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1678"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1717"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1735"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1676"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0755"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0770"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1732"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0758"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0746"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1728"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1677"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1704"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0774"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1708"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/known-vulnerabilities/firefoxesr.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0792"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-36.html"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0788"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-30.html"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-35.html"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-39.html"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/advisories/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0795"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0800"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-31.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0796"
}
],
"sources": [
{
"db": "BID",
"id": "58837"
},
{
"db": "PACKETSTORM",
"id": "121086"
},
{
"db": "PACKETSTORM",
"id": "121085"
},
{
"db": "PACKETSTORM",
"id": "121133"
},
{
"db": "PACKETSTORM",
"id": "123420"
},
{
"db": "PACKETSTORM",
"id": "121049"
},
{
"db": "PACKETSTORM",
"id": "121050"
},
{
"db": "PACKETSTORM",
"id": "121190"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-047"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002129"
},
{
"db": "NVD",
"id": "CVE-2013-0793"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "BID",
"id": "58837",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "121086",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "121085",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "121133",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "123420",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "121049",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "121050",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "121190",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201304-047",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002129",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2013-0793",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2013-04-02T00:00:00",
"db": "BID",
"id": "58837",
"ident": null
},
{
"date": "2013-04-05T01:58:43",
"db": "PACKETSTORM",
"id": "121086",
"ident": null
},
{
"date": "2013-04-05T01:58:28",
"db": "PACKETSTORM",
"id": "121085",
"ident": null
},
{
"date": "2013-04-08T21:11:50",
"db": "PACKETSTORM",
"id": "121133",
"ident": null
},
{
"date": "2013-09-27T22:24:30",
"db": "PACKETSTORM",
"id": "123420",
"ident": null
},
{
"date": "2013-04-02T14:35:00",
"db": "PACKETSTORM",
"id": "121049",
"ident": null
},
{
"date": "2013-04-02T14:37:00",
"db": "PACKETSTORM",
"id": "121050",
"ident": null
},
{
"date": "2013-04-10T01:24:07",
"db": "PACKETSTORM",
"id": "121190",
"ident": null
},
{
"date": "2013-04-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201304-047",
"ident": null
},
{
"date": "2013-04-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-002129",
"ident": null
},
{
"date": "2013-04-03T11:56:21.150000",
"db": "NVD",
"id": "CVE-2013-0793",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2015-04-13T22:14:00",
"db": "BID",
"id": "58837",
"ident": null
},
{
"date": "2013-04-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201304-047",
"ident": null
},
{
"date": "2013-06-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-002129",
"ident": null
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2013-0793",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "123420"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-047"
}
],
"trust": 0.7
},
"title": {
"_id": null,
"data": "plural Mozilla Product cross-site scripting vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-002129"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201304-047"
}
],
"trust": 0.6
}
}
VAR-201506-0498
Vulnerability from variot - Updated: 2026-04-10 23:17The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted length field in ASN1_TIME data, as demonstrated by an attack against a server that supports client authentication with a custom verification callback. OpenSSL is prone to denial-of-service vulnerability. An attacker may exploit this issue to cause a denial-of-service condition. The following are vulnerable: OpenSSL 1.0.2 prior to 1.0.2b OpenSSL 1.0.1 prior to 1.0.1n OpenSSL 1.0.0 prior to 1.0.0s OpenSSL 0.9.8 prior to 0.9.8zg. OpenSSL Security Advisory [11 Jun 2015] =======================================
DHE man-in-the-middle protection (Logjam)
A vulnerability in the TLS protocol allows a man-in-the-middle attacker to downgrade vulnerable TLS connections using ephemeral Diffie-Hellman key exchange to 512-bit export-grade cryptography. This vulnerability is known as Logjam (CVE-2015-4000).
OpenSSL has added protection for TLS clients by rejecting handshakes with DH parameters shorter than 768 bits. This limit will be increased to 1024 bits in a future release.
Malformed ECParameters causes infinite loop (CVE-2015-1788)
Severity: Moderate
When processing an ECParameters structure OpenSSL enters an infinite loop if the curve specified is over a specially malformed binary polynomial field.
This can be used to perform denial of service against any system which processes public keys, certificate requests or certificates. This includes TLS clients and TLS servers with client authentication enabled.
This issue affects OpenSSL versions: 1.0.2 and 1.0.1. Recent 1.0.0 and 0.9.8 versions are not affected. 1.0.0d and 0.9.8r and below are affected.
OpenSSL 1.0.2 users should upgrade to 1.0.2b OpenSSL 1.0.1 users should upgrade to 1.0.1n OpenSSL 1.0.0d (and below) users should upgrade to 1.0.0s OpenSSL 0.9.8r (and below) users should upgrade to 0.9.8zg
This issue was reported to OpenSSL on 6th April 2015 by Joseph Birr-Pixton. The fix was developed by Andy Polyakov of the OpenSSL development team.
Exploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789)
Severity: Moderate
X509_cmp_time does not properly check the length of the ASN1_TIME string and can read a few bytes out of bounds. In addition, X509_cmp_time accepts an arbitrary number of fractional seconds in the time string.
An attacker can use this to craft malformed certificates and CRLs of various sizes and potentially cause a segmentation fault, resulting in a DoS on applications that verify certificates or CRLs. TLS clients that verify CRLs are affected. TLS clients and servers with client authentication enabled may be affected if they use custom verification callbacks.
This issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 1.0.2 users should upgrade to 1.0.2b OpenSSL 1.0.1 users should upgrade to 1.0.1n OpenSSL 1.0.0 users should upgrade to 1.0.0s OpenSSL 0.9.8 users should upgrade to 0.9.8zg
This issue was reported to OpenSSL on 8th April 2015 by Robert Swiecki (Google), and independently on 11th April 2015 by Hanno Böck. The fix was developed by Emilia Käsper of the OpenSSL development team.
PKCS7 crash with missing EnvelopedContent (CVE-2015-1790)
Severity: Moderate
The PKCS#7 parsing code does not handle missing inner EncryptedContent correctly. An attacker can craft malformed ASN.1-encoded PKCS#7 blobs with missing content and trigger a NULL pointer dereference on parsing.
Applications that decrypt PKCS#7 data or otherwise parse PKCS#7 structures from untrusted sources are affected. OpenSSL clients and servers are not affected.
This issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 1.0.2 users should upgrade to 1.0.2b OpenSSL 1.0.1 users should upgrade to 1.0.1n OpenSSL 1.0.0 users should upgrade to 1.0.0s OpenSSL 0.9.8 users should upgrade to 0.9.8zg
This issue was reported to OpenSSL on 18th April 2015 by Michal Zalewski (Google). The fix was developed by Emilia Käsper of the OpenSSL development team.
This can be used to perform denial of service against any system which verifies signedData messages using the CMS code.
This issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 1.0.2 users should upgrade to 1.0.2b OpenSSL 1.0.1 users should upgrade to 1.0.1n OpenSSL 1.0.0 users should upgrade to 1.0.0s OpenSSL 0.9.8 users should upgrade to 0.9.8zg
This issue was reported to OpenSSL on 31st March 2015 by Johannes Bauer. The fix was developed by Dr. Stephen Henson of the OpenSSL development team.
This issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8. The fix was developed by Matt Caswell of the OpenSSL development team. It existed in previous OpenSSL versions and was fixed in June 2014.
If a DTLS peer receives application data between the ChangeCipherSpec and Finished messages, buffering of such data may cause an invalid free, resulting in a segmentation fault or potentially, memory corruption.
This issue affected older OpenSSL versions 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h.
This issue was originally reported on March 28th 2014 in https://rt.openssl.org/Ticket/Display.html?id=3286 by Praveen Kariyanahalli, and subsequently by Ivan Fratric and Felix Groebert (Google). A fix was developed by zhu qun-ying.
The fix for this issue can be identified by commits bcc31166 (1.0.1), b79e6e3a (1.0.0) and 4b258e73 (0.9.8).
Note
As per our previous announcements and our Release Strategy (https://www.openssl.org/about/releasestrat.html), support for OpenSSL versions 1.0.0 and 0.9.8 will cease on 31st December 2015. No security updates for these releases will be provided after that date. Users of these releases are advised to upgrade.
References
URL for this Security Advisory: https://www.openssl.org/news/secadv_20150611.txt
Note: the online version of the advisory may be updated with additional details over time.
For details of OpenSSL severity classifications please see: https://www.openssl.org/about/secpolicy.html
. These vulnerabilities include:
The SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "POODLE", which could be exploited remotely resulting in disclosure of information. The following firmware versions of Virtual Connect (VC) are impacted:
HPE BladeSystem c-Class Virtual Connect (VC) Firmware 4.30 through VC 4.45 HPE BladeSystem c-Class Virtual Connect (VC) Firmware 3.62 through VC 4.21
Note: Firmware versions 3.62 through 4.21 are not impacted by CVE-2016-0800, CVE-2015-3194, CVE-2014-3566, CVE-2015-0705, CVE-2016-0799, and CVE-2016-2842.
Release Date: 2015-07-10 Last Updated: 2015-07-10
Potential Security Impact: Remote Denial of Service (DoS)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP IceWall Products running OpenSSL. Product Impacted Versions Impacted CVEs
HP IceWall MCRP v3.0 CVE-2015-1789 CVE-2015-1790 CVE-2015-1792
HP IceWall SSO Dfw v10.0 CVE-2015-1789 CVE-2015-1790 CVE-2015-1792
HP IceWall SSO Agent Option v10.0 CVE-2015-1789 CVE-2015-1790 CVE-2015-1792
HP IceWall SSO Certd v10.0 CVE-2015-1792
HP IceWall Federation Agent v3.0 CVE-2015-1792
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2015-1789 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2015-1790 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-1792 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP recommends applying the latest OS vendor security patches for OpenSSL to resolve the vulnerabilities for HP IceWall Products.
HP IceWall SSO Dfw v10.0 and Certd v10.0, which are running on RHEL, could be using either the OS bundled OpenSSL library or the OpenSSL bundled with HP IceWall. If still using the OpenSSL bundled with HP IceWall, please apply the latest OS vendor security patches for OpenSSL and switch to the OpenSSL library bundled with the OS.
Documents are available at the following location with instructions to switch to the OS bundled OpenSSL library:
http://www.hp.com/jp/icewall_patchaccess
Note: The HP IceWall product is only available in Japan.
HISTORY Version:1 (rev.1) - 10 July 2015 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. This could allow remote attackers to cause a denial of service. This could allow remote attackers to cause a denial of service (crash). This could allow remote attackers to cause a denial of service.
For the oldstable distribution (wheezy), these problems have been fixed in version 1.0.1e-2+deb7u17.
For the stable distribution (jessie), these problems have been fixed in version 1.0.1k-3+deb8u1.
For the testing distribution (stretch), these problems have been fixed in version 1.0.2b-1.
For the unstable distribution (sid), these problems have been fixed in version 1.0.2b-1. Corrected: 2015-06-11 19:07:45 UTC (stable/10, 10.1-STABLE) 2015-06-12 07:23:55 UTC (releng/10.1, 10.1-RELEASE-p12) 2015-06-11 19:39:27 UTC (stable/9, 9.3-STABLE) 2015-06-12 07:23:55 UTC (releng/9.3, 9.3-RELEASE-p16) 2015-06-11 19:39:27 UTC (stable/8, 8.4-STABLE) 2015-06-12 07:23:55 UTC (releng/8.4, 8.4-RELEASE-p30) CVE Name: CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791 CVE-2015-1792, CVE-2015-4000
For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . Background
FreeBSD includes software from the OpenSSL Project.
II. [CVE-2015-1791]
The OpenSSL advisory also describes a problem that is identified as CVE-2014-8176, which is already fixed by an earlier FreeBSD Errata Notice, FreeBSD-EN-15:02.openssl.
III. [CVE-2015-4000]. [CVE-2015-1788]. This affects FreeBSD 10.1 only, as the problem was no longer exist in OpenSSL 0.9.8 series since July 2012. [CVE-2015-1790]. [CVE-2015-1792]
An attacker may be able to crash multi-thread applications that supports resumed TLS handshakes. [CVE-2015-1791]
IV. Workaround
No workaround is available.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:
freebsd-update fetch
freebsd-update install
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
[FreeBSD 10.1]
fetch https://security.FreeBSD.org/patches/SA-15:10/openssl-10.1.patch
fetch https://security.FreeBSD.org/patches/SA-15:10/openssl-10.1.patch.asc
gpg --verify openssl-10.1.patch.asc
[FreeBSD 9.3 and 8.4]
fetch https://security.FreeBSD.org/patches/SA-15:10/openssl-8.4.patch
fetch https://security.FreeBSD.org/patches/SA-15:10/openssl-8.4.patch.asc
gpg --verify openssl-8.4.patch.asc
b) Apply the patch. Execute the following commands as root:
cd /usr/src
patch < /path/to/patch
c) Recompile the operating system using buildworld and installworld as described in .
Restart all deamons using the library, or reboot the system.
VI. Correction details
The following list contains the correction revision numbers for each affected branch.
Branch/path Revision
stable/8/ r284286 releng/8.4/ r284295 stable/9/ r284286 releng/9.3/ r284295 stable/10/ r284285 releng/10.1/ r284295
To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:
svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
VII. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Moderate: openssl security update Advisory ID: RHSA-2015:1115-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-1115.html Issue date: 2015-06-15 CVE Names: CVE-2014-8176 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-3216 =====================================================================
- Summary:
Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7.
Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
- Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.
An invalid free flaw was found in the way OpenSSL handled certain DTLS handshake messages. A malicious DTLS client or server could cause a DTLS server or client using OpenSSL to crash or, potentially, execute arbitrary code. (CVE-2014-8176)
A flaw was found in the way the OpenSSL packages shipped with Red Hat Enterprise Linux 6 and 7 performed locking in the ssleay_rand_bytes() function. (CVE-2015-3216)
An out-of-bounds read flaw was found in the X509_cmp_time() function of OpenSSL. A specially crafted X.509 certificate or a Certificate Revocation List (CRL) could possibly cause a TLS/SSL server or client using OpenSSL to crash. (CVE-2015-1789)
A race condition was found in the session handling code of OpenSSL. This issue could possibly cause a multi-threaded TLS/SSL client using OpenSSL to double free session ticket data and crash. (CVE-2015-1791)
A flaw was found in the way OpenSSL handled Cryptographic Message Syntax (CMS) messages. A CMS message with an unknown hash function identifier could cause an application using OpenSSL to enter an infinite loop. (CVE-2015-1792)
A NULL pointer dereference was found in the way OpenSSL handled certain PKCS#7 inputs. A specially crafted PKCS#7 input with missing EncryptedContent data could cause an application using OpenSSL to crash. (CVE-2015-1790)
Red Hat would like to thank the OpenSSL project for reporting CVE-2014-8176, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791 and CVE-2015-1792 flaws. Upstream acknowledges Praveen Kariyanahalli and Ivan Fratric as the original reporters of CVE-2014-8176, Robert Swiecki and Hanno Böck as the original reporters of CVE-2015-1789, Michal Zalewski as the original reporter of CVE-2015-1790, Emilia Käsper as the original report of CVE-2015-1791 and Johannes Bauer as the original reporter of CVE-2015-1792.
All openssl users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1227574 - CVE-2015-3216 openssl: Crash in ssleay_rand_bytes due to locking regression 1228603 - CVE-2015-1789 OpenSSL: out-of-bounds read in X509_cmp_time 1228604 - CVE-2015-1790 OpenSSL: PKCS7 crash with missing EnvelopedContent 1228607 - CVE-2015-1792 OpenSSL: CMS verify infinite loop with unknown hash function 1228608 - CVE-2015-1791 OpenSSL: Race condition handling NewSessionTicket 1228611 - CVE-2014-8176 OpenSSL: Invalid free in DTLS
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: openssl-1.0.1e-30.el6_6.11.src.rpm
i386: openssl-1.0.1e-30.el6_6.11.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm
x86_64: openssl-1.0.1e-30.el6_6.11.i686.rpm openssl-1.0.1e-30.el6_6.11.x86_64.rpm openssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.11.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm openssl-devel-1.0.1e-30.el6_6.11.i686.rpm openssl-perl-1.0.1e-30.el6_6.11.i686.rpm openssl-static-1.0.1e-30.el6_6.11.i686.rpm
x86_64: openssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.11.x86_64.rpm openssl-devel-1.0.1e-30.el6_6.11.i686.rpm openssl-devel-1.0.1e-30.el6_6.11.x86_64.rpm openssl-perl-1.0.1e-30.el6_6.11.x86_64.rpm openssl-static-1.0.1e-30.el6_6.11.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: openssl-1.0.1e-30.el6_6.11.src.rpm
x86_64: openssl-1.0.1e-30.el6_6.11.i686.rpm openssl-1.0.1e-30.el6_6.11.x86_64.rpm openssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.11.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
x86_64: openssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.11.x86_64.rpm openssl-devel-1.0.1e-30.el6_6.11.i686.rpm openssl-devel-1.0.1e-30.el6_6.11.x86_64.rpm openssl-perl-1.0.1e-30.el6_6.11.x86_64.rpm openssl-static-1.0.1e-30.el6_6.11.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: openssl-1.0.1e-30.el6_6.11.src.rpm
i386: openssl-1.0.1e-30.el6_6.11.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm openssl-devel-1.0.1e-30.el6_6.11.i686.rpm
ppc64: openssl-1.0.1e-30.el6_6.11.ppc.rpm openssl-1.0.1e-30.el6_6.11.ppc64.rpm openssl-debuginfo-1.0.1e-30.el6_6.11.ppc.rpm openssl-debuginfo-1.0.1e-30.el6_6.11.ppc64.rpm openssl-devel-1.0.1e-30.el6_6.11.ppc.rpm openssl-devel-1.0.1e-30.el6_6.11.ppc64.rpm
s390x: openssl-1.0.1e-30.el6_6.11.s390.rpm openssl-1.0.1e-30.el6_6.11.s390x.rpm openssl-debuginfo-1.0.1e-30.el6_6.11.s390.rpm openssl-debuginfo-1.0.1e-30.el6_6.11.s390x.rpm openssl-devel-1.0.1e-30.el6_6.11.s390.rpm openssl-devel-1.0.1e-30.el6_6.11.s390x.rpm
x86_64: openssl-1.0.1e-30.el6_6.11.i686.rpm openssl-1.0.1e-30.el6_6.11.x86_64.rpm openssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.11.x86_64.rpm openssl-devel-1.0.1e-30.el6_6.11.i686.rpm openssl-devel-1.0.1e-30.el6_6.11.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm openssl-perl-1.0.1e-30.el6_6.11.i686.rpm openssl-static-1.0.1e-30.el6_6.11.i686.rpm
ppc64: openssl-debuginfo-1.0.1e-30.el6_6.11.ppc64.rpm openssl-perl-1.0.1e-30.el6_6.11.ppc64.rpm openssl-static-1.0.1e-30.el6_6.11.ppc64.rpm
s390x: openssl-debuginfo-1.0.1e-30.el6_6.11.s390x.rpm openssl-perl-1.0.1e-30.el6_6.11.s390x.rpm openssl-static-1.0.1e-30.el6_6.11.s390x.rpm
x86_64: openssl-debuginfo-1.0.1e-30.el6_6.11.x86_64.rpm openssl-perl-1.0.1e-30.el6_6.11.x86_64.rpm openssl-static-1.0.1e-30.el6_6.11.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: openssl-1.0.1e-30.el6_6.11.src.rpm
i386: openssl-1.0.1e-30.el6_6.11.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm openssl-devel-1.0.1e-30.el6_6.11.i686.rpm
x86_64: openssl-1.0.1e-30.el6_6.11.i686.rpm openssl-1.0.1e-30.el6_6.11.x86_64.rpm openssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.11.x86_64.rpm openssl-devel-1.0.1e-30.el6_6.11.i686.rpm openssl-devel-1.0.1e-30.el6_6.11.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm openssl-perl-1.0.1e-30.el6_6.11.i686.rpm openssl-static-1.0.1e-30.el6_6.11.i686.rpm
x86_64: openssl-debuginfo-1.0.1e-30.el6_6.11.x86_64.rpm openssl-perl-1.0.1e-30.el6_6.11.x86_64.rpm openssl-static-1.0.1e-30.el6_6.11.x86_64.rpm
Red Hat Enterprise Linux Client (v. 7):
Source: openssl-1.0.1e-42.el7_1.8.src.rpm
x86_64: openssl-1.0.1e-42.el7_1.8.x86_64.rpm openssl-debuginfo-1.0.1e-42.el7_1.8.i686.rpm openssl-debuginfo-1.0.1e-42.el7_1.8.x86_64.rpm openssl-libs-1.0.1e-42.el7_1.8.i686.rpm openssl-libs-1.0.1e-42.el7_1.8.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-42.el7_1.8.i686.rpm openssl-debuginfo-1.0.1e-42.el7_1.8.x86_64.rpm openssl-devel-1.0.1e-42.el7_1.8.i686.rpm openssl-devel-1.0.1e-42.el7_1.8.x86_64.rpm openssl-perl-1.0.1e-42.el7_1.8.x86_64.rpm openssl-static-1.0.1e-42.el7_1.8.i686.rpm openssl-static-1.0.1e-42.el7_1.8.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: openssl-1.0.1e-42.el7_1.8.src.rpm
x86_64: openssl-1.0.1e-42.el7_1.8.x86_64.rpm openssl-debuginfo-1.0.1e-42.el7_1.8.i686.rpm openssl-debuginfo-1.0.1e-42.el7_1.8.x86_64.rpm openssl-libs-1.0.1e-42.el7_1.8.i686.rpm openssl-libs-1.0.1e-42.el7_1.8.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-42.el7_1.8.i686.rpm openssl-debuginfo-1.0.1e-42.el7_1.8.x86_64.rpm openssl-devel-1.0.1e-42.el7_1.8.i686.rpm openssl-devel-1.0.1e-42.el7_1.8.x86_64.rpm openssl-perl-1.0.1e-42.el7_1.8.x86_64.rpm openssl-static-1.0.1e-42.el7_1.8.i686.rpm openssl-static-1.0.1e-42.el7_1.8.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: openssl-1.0.1e-42.el7_1.8.src.rpm
ppc64: openssl-1.0.1e-42.el7_1.8.ppc64.rpm openssl-debuginfo-1.0.1e-42.el7_1.8.ppc.rpm openssl-debuginfo-1.0.1e-42.el7_1.8.ppc64.rpm openssl-devel-1.0.1e-42.el7_1.8.ppc.rpm openssl-devel-1.0.1e-42.el7_1.8.ppc64.rpm openssl-libs-1.0.1e-42.el7_1.8.ppc.rpm openssl-libs-1.0.1e-42.el7_1.8.ppc64.rpm
s390x: openssl-1.0.1e-42.el7_1.8.s390x.rpm openssl-debuginfo-1.0.1e-42.el7_1.8.s390.rpm openssl-debuginfo-1.0.1e-42.el7_1.8.s390x.rpm openssl-devel-1.0.1e-42.el7_1.8.s390.rpm openssl-devel-1.0.1e-42.el7_1.8.s390x.rpm openssl-libs-1.0.1e-42.el7_1.8.s390.rpm openssl-libs-1.0.1e-42.el7_1.8.s390x.rpm
x86_64: openssl-1.0.1e-42.el7_1.8.x86_64.rpm openssl-debuginfo-1.0.1e-42.el7_1.8.i686.rpm openssl-debuginfo-1.0.1e-42.el7_1.8.x86_64.rpm openssl-devel-1.0.1e-42.el7_1.8.i686.rpm openssl-devel-1.0.1e-42.el7_1.8.x86_64.rpm openssl-libs-1.0.1e-42.el7_1.8.i686.rpm openssl-libs-1.0.1e-42.el7_1.8.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: openssl-1.0.1e-42.ael7b_1.8.src.rpm
ppc64le: openssl-1.0.1e-42.ael7b_1.8.ppc64le.rpm openssl-debuginfo-1.0.1e-42.ael7b_1.8.ppc64le.rpm openssl-devel-1.0.1e-42.ael7b_1.8.ppc64le.rpm openssl-libs-1.0.1e-42.ael7b_1.8.ppc64le.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: openssl-debuginfo-1.0.1e-42.el7_1.8.ppc.rpm openssl-debuginfo-1.0.1e-42.el7_1.8.ppc64.rpm openssl-perl-1.0.1e-42.el7_1.8.ppc64.rpm openssl-static-1.0.1e-42.el7_1.8.ppc.rpm openssl-static-1.0.1e-42.el7_1.8.ppc64.rpm
s390x: openssl-debuginfo-1.0.1e-42.el7_1.8.s390.rpm openssl-debuginfo-1.0.1e-42.el7_1.8.s390x.rpm openssl-perl-1.0.1e-42.el7_1.8.s390x.rpm openssl-static-1.0.1e-42.el7_1.8.s390.rpm openssl-static-1.0.1e-42.el7_1.8.s390x.rpm
x86_64: openssl-debuginfo-1.0.1e-42.el7_1.8.i686.rpm openssl-debuginfo-1.0.1e-42.el7_1.8.x86_64.rpm openssl-perl-1.0.1e-42.el7_1.8.x86_64.rpm openssl-static-1.0.1e-42.el7_1.8.i686.rpm openssl-static-1.0.1e-42.el7_1.8.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64le: openssl-debuginfo-1.0.1e-42.ael7b_1.8.ppc64le.rpm openssl-perl-1.0.1e-42.ael7b_1.8.ppc64le.rpm openssl-static-1.0.1e-42.ael7b_1.8.ppc64le.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: openssl-1.0.1e-42.el7_1.8.src.rpm
x86_64: openssl-1.0.1e-42.el7_1.8.x86_64.rpm openssl-debuginfo-1.0.1e-42.el7_1.8.i686.rpm openssl-debuginfo-1.0.1e-42.el7_1.8.x86_64.rpm openssl-devel-1.0.1e-42.el7_1.8.i686.rpm openssl-devel-1.0.1e-42.el7_1.8.x86_64.rpm openssl-libs-1.0.1e-42.el7_1.8.i686.rpm openssl-libs-1.0.1e-42.el7_1.8.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-42.el7_1.8.i686.rpm openssl-debuginfo-1.0.1e-42.el7_1.8.x86_64.rpm openssl-perl-1.0.1e-42.el7_1.8.x86_64.rpm openssl-static-1.0.1e-42.el7_1.8.i686.rpm openssl-static-1.0.1e-42.el7_1.8.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2014-8176 https://access.redhat.com/security/cve/CVE-2015-1789 https://access.redhat.com/security/cve/CVE-2015-1790 https://access.redhat.com/security/cve/CVE-2015-1791 https://access.redhat.com/security/cve/CVE-2015-1792 https://access.redhat.com/security/cve/CVE-2015-3216 https://access.redhat.com/security/updates/classification/#moderate https://www.openssl.org/news/secadv_20150611.txt
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFVf0NNXlSAg2UNWIIRArL4AJ9e7lbD/4Nks5midR5o3E4Bs5lQWQCgnrvk ZyXizCcFL9oAQexObjxp/Mo= =PXiY -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "primavera p6 enterprise project portfolio management",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "15.1"
},
{
"_id": null,
"model": "primavera p6 enterprise project portfolio management",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "8.3"
},
{
"_id": null,
"model": "primavera p6 enterprise project portfolio management",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "8.4"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0q"
},
{
"_id": null,
"model": "sparc-opl service processor",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1121"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0e"
},
{
"_id": null,
"model": "openssl",
"scope": "lte",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8zf"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0d"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0a"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0p"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1f"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0k"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1l"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1d"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1c"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1h"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0j"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1j"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0l"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1i"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1e"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0m"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0g"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1g"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0c"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0o"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0b"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0f"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0r"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0n"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1a"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0i"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0h"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1k"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2a"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1b"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1m"
},
{
"_id": null,
"model": "junos 12.1x44-d20",
"scope": null,
"trust": 0.9,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "istorage",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "hs series all versions"
},
{
"_id": null,
"model": "hpe systems insight manager",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"_id": null,
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "foundation v8.2 to v8.5"
},
{
"_id": null,
"model": "enterprisedirectoryserver",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "6.1"
},
{
"_id": null,
"model": "peoplesoft products",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of peoplesoft enterprise peopletools 8.54"
},
{
"_id": null,
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v3.0"
},
{
"_id": null,
"model": "enterprisedirectoryserver",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver6.0"
},
{
"_id": null,
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v6.2"
},
{
"_id": null,
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "st ard-j edition v7.1 to v8.1"
},
{
"_id": null,
"model": "hpe matrix operating environment",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"_id": null,
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v7.1"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.0s"
},
{
"_id": null,
"model": "enterprisedirectoryserver",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "7.0"
},
{
"_id": null,
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "st ard edition v4.2 to v6.5"
},
{
"_id": null,
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "mcoperations ver3.6.2 to ver4.2"
},
{
"_id": null,
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.2"
},
{
"_id": null,
"model": "ix3000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"_id": null,
"model": "ip38x/5000",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "all revisions"
},
{
"_id": null,
"model": "capssuite",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v3.0 to v4.0 manager component"
},
{
"_id": null,
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver3.01"
},
{
"_id": null,
"model": "mysql",
"scope": "lte",
"trust": 0.8,
"vendor": "oracle",
"version": "5.6.25 and earlier"
},
{
"_id": null,
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "express v8.2 to v9.2"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.10 to 10.10.4"
},
{
"_id": null,
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v3.1"
},
{
"_id": null,
"model": "univerge",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "3c ucm"
},
{
"_id": null,
"model": "e-business suite",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "11.5.10.2"
},
{
"_id": null,
"model": "hpe insight control",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "none"
},
{
"_id": null,
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "/sg series sg3600lm/lg/lj v6.1"
},
{
"_id": null,
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "systemmanager ver5.5.2 to ver6.2.1"
},
{
"_id": null,
"model": "ip38x/3500",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "all revisions"
},
{
"_id": null,
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "st ard v8.2 to v9.2"
},
{
"_id": null,
"model": "istorage",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "nv7500/nv5500/nv3500 series"
},
{
"_id": null,
"model": "istorage",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "nv7400/nv5400/nv3400 series"
},
{
"_id": null,
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v4.0"
},
{
"_id": null,
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "web edition v7.1 to v8.1"
},
{
"_id": null,
"model": "fusion middleware",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle exalogic infrastructure eecs 2.0.6.2.3"
},
{
"_id": null,
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "uddi registry v1.1 to v7.1"
},
{
"_id": null,
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "application navigator probe option ver3.1.0.x to ver4.1.0.x"
},
{
"_id": null,
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.0"
},
{
"_id": null,
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver3.02"
},
{
"_id": null,
"model": "univerge",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "3c cmm"
},
{
"_id": null,
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "enterprise v8.2 to v9.2"
},
{
"_id": null,
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "enterprise edition v4.2 to v6.5"
},
{
"_id": null,
"model": "hpe server migration pack",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"_id": null,
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "st ard edition v7.1"
},
{
"_id": null,
"model": "xcp",
"scope": "lt",
"trust": 0.8,
"vendor": "oracle",
"version": "(sparc enterprise m3000/m4000/m5000/m8000/m9000 server )"
},
{
"_id": null,
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "enterprise edition v7.1"
},
{
"_id": null,
"model": "peoplesoft products",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of peoplesoft enterprise peopletools 8.53"
},
{
"_id": null,
"model": "hpe version control repository manager",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"_id": null,
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "/sg series intersecvm/sg v1.2"
},
{
"_id": null,
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v7.0"
},
{
"_id": null,
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "jobcenter r14.1"
},
{
"_id": null,
"model": "ip38x/810",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "all revisions"
},
{
"_id": null,
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "st ard-j edition v4.1 to v6.5"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.2b"
},
{
"_id": null,
"model": "hpe insight control",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "server provisioning"
},
{
"_id": null,
"model": "xcp",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "1121"
},
{
"_id": null,
"model": "supply chain products suite",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle transportation management 6.2"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.9.5"
},
{
"_id": null,
"model": "webotx sip application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "st ard edition v7.1 to v8.1"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.8.5"
},
{
"_id": null,
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "application navigator agent ver3.3 to ver4.1"
},
{
"_id": null,
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "ix2000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"_id": null,
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver3.0"
},
{
"_id": null,
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.0"
},
{
"_id": null,
"model": "supply chain products suite",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle transportation management 6.1"
},
{
"_id": null,
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "web edition v4.1 to v6.5"
},
{
"_id": null,
"model": "webotx enterprise service bus",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v6.4 to v9.2"
},
{
"_id": null,
"model": "ip38x/1210",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "all revisions"
},
{
"_id": null,
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "application navigator manager ver3.2.2 to ver4.1"
},
{
"_id": null,
"model": "webotx portal",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.2 to v9.1"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.1n"
},
{
"_id": null,
"model": "enterprisedirectoryserver",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "8.0"
},
{
"_id": null,
"model": "enterprisedirectoryserver",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "7.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"_id": null,
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver3.1"
},
{
"_id": null,
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "/sg series univerge sg3000lg/lj"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"_id": null,
"model": "junos 12.1x46-d25",
"scope": null,
"trust": 0.6,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7.1.2.6"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.2"
},
{
"_id": null,
"model": "sparc enterprise m5000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1118"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.6"
},
{
"_id": null,
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.53"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.18"
},
{
"_id": null,
"model": "junos 12.1x44-d33",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.0.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.6"
},
{
"_id": null,
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.11"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.2"
},
{
"_id": null,
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.5"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "project openssl 1.0.0g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"_id": null,
"model": "worklight foundation enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.20"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.12"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.17"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.7"
},
{
"_id": null,
"model": "imc products",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37001.1"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gv200",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "junos 12.1x44-d50",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.4"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.15"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.2"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.4"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50001.1"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0.0.52"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1.2"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"_id": null,
"model": "project openssl 1.0.1i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "sdk for node.js for bluemix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0.10.38"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.12"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"_id": null,
"model": "project openssl 1.0.0h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.1n",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.0.0"
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.20"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.211"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"_id": null,
"model": "qradar siem mr2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "junos 15.1r2",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.3"
},
{
"_id": null,
"model": "security network controller 1.0.3350m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "project openssl 0.9.8y",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "sparc enterprise m4000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1118"
},
{
"_id": null,
"model": "sterling connect:enterprise for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.4.0"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.12"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.0"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.1.0"
},
{
"_id": null,
"model": "abyp-2t-1s-1l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.68"
},
{
"_id": null,
"model": "system networking rackswitch g8052",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.4.0"
},
{
"_id": null,
"model": "fortimail",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.10"
},
{
"_id": null,
"model": "abyp-10g-2sr-2lr-1-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.4"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.4.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "tealeaf customer experience",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.5.0"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "security proventia network enterprise scanner",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"_id": null,
"model": "security access manager for web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0.1"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.2"
},
{
"_id": null,
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.08"
},
{
"_id": null,
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.4"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.3"
},
{
"_id": null,
"model": "system networking rackswitch g8052",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.15.0"
},
{
"_id": null,
"model": "meeting exchange sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.17"
},
{
"_id": null,
"model": "exalogic infrastructure eecs",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.0.6.2.3"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.5"
},
{
"_id": null,
"model": "security privileged identity manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1.1"
},
{
"_id": null,
"model": "infosphere master data management provider hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"_id": null,
"model": "abyp-10g-4lr-1-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.4.0.5"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.02"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.2"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.3"
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.5.0.2"
},
{
"_id": null,
"model": "junos 12.1x46-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "qradar siem patch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.34"
},
{
"_id": null,
"model": "sparc enterprise m9000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1117"
},
{
"_id": null,
"model": "predictiveinsight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"_id": null,
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "project openssl 1.0.1f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.4.1"
},
{
"_id": null,
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"_id": null,
"model": "fortiweb",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.3.3"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"_id": null,
"model": "system networking rackswitch g8124-e",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.4.0"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.25"
},
{
"_id": null,
"model": "messagesight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "comware products",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "70"
},
{
"_id": null,
"model": "project openssl 1.0.0o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.5"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"_id": null,
"model": "fortianalyzer",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.9"
},
{
"_id": null,
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "flashsystem 9840-ae2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"_id": null,
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3387"
},
{
"_id": null,
"model": "abyp-10g-4sr-1-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"_id": null,
"model": "enterprise session border controller ecz7.3m2p2",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.03"
},
{
"_id": null,
"model": "ds8870 r7.5",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"_id": null,
"model": "sdk for node.js for bluemix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0.12.4"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.4.0.5"
},
{
"_id": null,
"model": "infosphere master data management standard/advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.213"
},
{
"_id": null,
"model": "qradar siem mr2 patch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.18"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.3"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.2"
},
{
"_id": null,
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.4.0.4.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"_id": null,
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.1"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.1"
},
{
"_id": null,
"model": "fortivoice enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.0.6"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.4.7"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.28"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.19"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.2.0.5"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.1"
},
{
"_id": null,
"model": "junos 12.1x44-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.9.3"
},
{
"_id": null,
"model": "junos 12.1x46-d55",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "system networking rackswitch g8124",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.5.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "ip office application server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.01"
},
{
"_id": null,
"model": "fortisandbox",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "2.0"
},
{
"_id": null,
"model": "icewall sso dfw",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.7"
},
{
"_id": null,
"model": "san volume controller",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4.0.6"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.9"
},
{
"_id": null,
"model": "junos 13.2x51-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3"
},
{
"_id": null,
"model": "infosphere master data management standard/advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.3"
},
{
"_id": null,
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.3"
},
{
"_id": null,
"model": "enterprise content management system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.1"
},
{
"_id": null,
"model": "project openssl 1.0.0c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.3"
},
{
"_id": null,
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.3.0.12"
},
{
"_id": null,
"model": "project openssl 1.0.0s",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "ip office application server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.02"
},
{
"_id": null,
"model": "junos 12.1x47-d45",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.4"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "sparc enterprise m5000 xcp",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "1121"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.4"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.5"
},
{
"_id": null,
"model": "aura experience portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.2"
},
{
"_id": null,
"model": "screenos 6.3.0r13",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"_id": null,
"model": "initiate master data service provider hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"_id": null,
"model": "aura presence services sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "fortiddos",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.1.5"
},
{
"_id": null,
"model": "linux enterprise server sp4 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.5"
},
{
"_id": null,
"model": "secure backup",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.0.3"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.13"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "project openssl 0.9.8zf",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.4"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.7"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"_id": null,
"model": "abyp-0t-0s-4l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "qradar incident forensics mr3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.14"
},
{
"_id": null,
"model": "flashsystem 9840-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.0"
},
{
"_id": null,
"model": "system networking rackswitch g8316",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.15.0"
},
{
"_id": null,
"model": "unified security management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1.0.6"
},
{
"_id": null,
"model": "aura application server sip core pb5",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53003.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"_id": null,
"model": "websphere mq for hp nonstop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.5.0.2"
},
{
"_id": null,
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.3.0.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"_id": null,
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.18"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.1.3"
},
{
"_id": null,
"model": "project openssl 0.9.8zc",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.4"
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x47"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"_id": null,
"model": "infosphere guardium for applications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.1"
},
{
"_id": null,
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0"
},
{
"_id": null,
"model": "server migration pack",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"_id": null,
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.3"
},
{
"_id": null,
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "rational application developer for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0.1"
},
{
"_id": null,
"model": "worklight foundation consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.0.1"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.2"
},
{
"_id": null,
"model": "tealeaf customer experience",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.2"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "sparc enterprise m4000 xcp",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "1121"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35001.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.6"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.7"
},
{
"_id": null,
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"_id": null,
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.3.0.1.0"
},
{
"_id": null,
"model": "system networking rackswitch g8124",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.4.0"
},
{
"_id": null,
"model": "flashsystem 9846-ac1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"_id": null,
"model": "qradar siem",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.3"
},
{
"_id": null,
"model": "fsso build",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "235"
},
{
"_id": null,
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "one-x client enablement services sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "project openssl 0.9.8s",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.3"
},
{
"_id": null,
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.5"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.2"
},
{
"_id": null,
"model": "security network controller 1.0.3376m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "operations agent",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "12.01"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"_id": null,
"model": "predictiveinsight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"_id": null,
"model": "junos 13.2x51-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5"
},
{
"_id": null,
"model": "sparc enterprise m8000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1118"
},
{
"_id": null,
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.14"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.4.0.6"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.1.0.6"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"_id": null,
"model": "junos 12.1x46-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"_id": null,
"model": "junos 12.1x44-d32",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.1l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.5"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"_id": null,
"model": "sparc enterprise m3000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1118"
},
{
"_id": null,
"model": "junos 12.3r10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "smartcloud entry fix pack",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.214"
},
{
"_id": null,
"model": "project openssl 1.0.1h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.2.0.5"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3.0.0"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.2"
},
{
"_id": null,
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"_id": null,
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.211"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0.2"
},
{
"_id": null,
"model": "hp-ux b.11.22",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6"
},
{
"_id": null,
"model": "insight orchestration",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"_id": null,
"model": "insight control",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "insight orchestration",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"_id": null,
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "junos 14.1r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "version control agent",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.3.0.12"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.4.0.6"
},
{
"_id": null,
"model": "open source siem",
"scope": "ne",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.0.4"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"_id": null,
"model": "worklight foundation consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.20"
},
{
"_id": null,
"model": "junos 13.3r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "abyp-4tl-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "cms r16.3",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"_id": null,
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1209"
},
{
"_id": null,
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "netinsight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.6"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.5.0.2"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.8"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.4.19"
},
{
"_id": null,
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3361"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"_id": null,
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.0"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2"
},
{
"_id": null,
"model": "workflow for bluemix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "filenet system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "junos 12.1x44-d34",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "sterling connect:direct for hp nonstop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.2.77"
},
{
"_id": null,
"model": "junos 14.1r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2.27"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.1.8"
},
{
"_id": null,
"model": "linux enterprise server sp2 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "command center appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.0.3"
},
{
"_id": null,
"model": "netscaler gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.33"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.5"
},
{
"_id": null,
"model": "enterprise content management system monitor fix pack",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.02"
},
{
"_id": null,
"model": "sterling connect:enterprise for unix ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.4.03"
},
{
"_id": null,
"model": "i v5r4",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.4"
},
{
"_id": null,
"model": "project openssl 0.9.8n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "abyp-2t-1s-1l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "icewall sso agent option",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.2.0.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gv200",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.2.0.3"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.1"
},
{
"_id": null,
"model": "junos 14.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.4.1.8"
},
{
"_id": null,
"model": "system networking rackswitch g8264t",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.14.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "junos 14.1r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.213"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50006.4"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.6"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "i v5r3",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.2b",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system networking rackswitch g8052",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.5.0"
},
{
"_id": null,
"model": "one-x client enablement services sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "screenos 6.3.0r19",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.8.0"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.01"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.14"
},
{
"_id": null,
"model": "abyp-2t-2s-0l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.7"
},
{
"_id": null,
"model": "junos 12.1x46-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.4"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.2.0.8"
},
{
"_id": null,
"model": "abyp-0t-4s-0l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.4"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.2"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.15"
},
{
"_id": null,
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.213"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "rational application developer for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.1.0.6"
},
{
"_id": null,
"model": "hp-ux b.11.11.16.09",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.5"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"_id": null,
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.07"
},
{
"_id": null,
"model": "predictiveinsight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.38"
},
{
"_id": null,
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.12"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "system networking rackswitch g8124-e",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.5.0"
},
{
"_id": null,
"model": "qradar siem patch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.41"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"_id": null,
"model": "aura utility services sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "insight control",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "meeting exchange sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.3.0.12"
},
{
"_id": null,
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.3"
},
{
"_id": null,
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2"
},
{
"_id": null,
"model": "fortirecorder",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "2.0.1"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "flashsystem 9848-ac1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"_id": null,
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.6.1"
},
{
"_id": null,
"model": "abyp-2t-0s-2l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "primavera p6 enterprise project portfolio management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "15.2"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.16"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.14"
},
{
"_id": null,
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "version control repository manager 7.4.0a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "system networking rackswitch g8264t",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.15.0"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "tealeaf customer experience",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"_id": null,
"model": "system networking rackswitch g8264",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.4.0"
},
{
"_id": null,
"model": "one-x client enablement services sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "flashsystem 9846-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.4.0.6"
},
{
"_id": null,
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.6"
},
{
"_id": null,
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.4.3"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "junos 12.1x46-d35",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.6"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.8.3"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.15"
},
{
"_id": null,
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.6"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.4"
},
{
"_id": null,
"model": "insight control server provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.0"
},
{
"_id": null,
"model": "system networking rackswitch g8264",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.15.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "project openssl 1.0.0e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "security privileged identity manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "junos 12.1x47-d11",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.35"
},
{
"_id": null,
"model": "websphere mq",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.4"
},
{
"_id": null,
"model": "junos d25",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x46"
},
{
"_id": null,
"model": "junos 12.3r7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"_id": null,
"model": "unified security management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.14"
},
{
"_id": null,
"model": "project openssl 0.9.8zg",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "junos 13.2x51-d40",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "project openssl 0.9.8t",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "sparc enterprise m8000 xcp",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "1121"
},
{
"_id": null,
"model": "abyp-0t-4s-0l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "qradar siem mr3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.8"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.0.0"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.7"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.5"
},
{
"_id": null,
"model": "transportation management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1"
},
{
"_id": null,
"model": "insight orchestration",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"_id": null,
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.4"
},
{
"_id": null,
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.1.3"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.210"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.4"
},
{
"_id": null,
"model": "enterprise content management system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.13"
},
{
"_id": null,
"model": "project openssl 1.0.1m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "fortimanager",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.9"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.3.0.5"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.16"
},
{
"_id": null,
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.3"
},
{
"_id": null,
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.2.0.3"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.1.0.7"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.1"
},
{
"_id": null,
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.0.3"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.10"
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gv200",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.2.1"
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.3"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.1"
},
{
"_id": null,
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gv200",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "abyp-10g-2sr-2lr-1-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.5"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.0.0"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.13"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"_id": null,
"model": "insight control server provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.1"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.8"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "project openssl 1.0.0r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2.0"
},
{
"_id": null,
"model": "aura conferencing sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.4"
},
{
"_id": null,
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3376"
},
{
"_id": null,
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.3.0.2"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.11"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.2"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.23"
},
{
"_id": null,
"model": "insight control",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"_id": null,
"model": "workload deployer if9",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.7"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.5"
},
{
"_id": null,
"model": "aura utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.010"
},
{
"_id": null,
"model": "aura system manager sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0.2"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"_id": null,
"model": "junos 12.3r9",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.2.0.5"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.12"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.212"
},
{
"_id": null,
"model": "cognos insight standard edition fp if",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.124"
},
{
"_id": null,
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.6.0"
},
{
"_id": null,
"model": "sparc enterprise m4000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1117"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "aura utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "junos 12.1x44-d26",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "hp-ux b.11.11.14.15",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.11"
},
{
"_id": null,
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1"
},
{
"_id": null,
"model": "fortiap",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.8"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.5"
},
{
"_id": null,
"model": "system networking rackswitch g8332",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.20.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.3"
},
{
"_id": null,
"model": "fortiadc",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.1.0.7"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.12"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.5.0.3"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.12"
},
{
"_id": null,
"model": "endpoint manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"_id": null,
"model": "bladesystem c-class virtual connect",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.21"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1"
},
{
"_id": null,
"model": "unified security management",
"scope": "ne",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.0.4"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.15"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "netscaler service delivery appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.22"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.2.7"
},
{
"_id": null,
"model": "junos 12.1x46-d36",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "hp-ux b.11.11.15.13",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "san volume controller",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.3"
},
{
"_id": null,
"model": "qradar incident forensics patch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.41"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.2"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.5.0.3"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "session border controller for enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.0"
},
{
"_id": null,
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.3"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.7"
},
{
"_id": null,
"model": "junos 12.1x47-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.5.0.3"
},
{
"_id": null,
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.4"
},
{
"_id": null,
"model": "project openssl 1.0.0q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl 0.9.8u",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.14"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "security access manager for web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.6"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"_id": null,
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.15"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.12"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.1.3"
},
{
"_id": null,
"model": "project openssl 1.0.0d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.1e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "one-x client enablement services sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.0.1"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.15"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.24"
},
{
"_id": null,
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "storwize unified",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.2.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"_id": null,
"model": "insight control server provisioning",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"_id": null,
"model": "hp-ux b.11.04",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "junos 12.1x44-d51",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"_id": null,
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "enterprise linux server eus 6.6.z",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.8"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"_id": null,
"model": "qradar incident forensics mr2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "project openssl 0.9.8m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "sterling connect:enterprise for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5.0.0"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.6"
},
{
"_id": null,
"model": "meeting exchange sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.0.2"
},
{
"_id": null,
"model": "initiate master data service patient hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.2"
},
{
"_id": null,
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "junos 12.3x48-d20",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "infosphere master data management patient hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.10"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.10"
},
{
"_id": null,
"model": "junos d30",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.7"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.3"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.16"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.3"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"_id": null,
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"_id": null,
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.03"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2.1"
},
{
"_id": null,
"model": "rational policy tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "qradar siem mr2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "netscaler application delivery controller",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.1"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.4"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.9"
},
{
"_id": null,
"model": "bladesystem c-class virtual connect",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.30"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.3"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "junos 12.3r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "endpoint manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"_id": null,
"model": "aura conferencing sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"_id": null,
"model": "insight control",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.9.1"
},
{
"_id": null,
"model": "system networking rackswitch g8264cs",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.11.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.1"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.3"
},
{
"_id": null,
"model": "security network controller 1.0.3387m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.4"
},
{
"_id": null,
"model": "junos d40",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "junos 15.1r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "security network controller 1.0.3379m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "project openssl 0.9.8za",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "comware products",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "50"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"_id": null,
"model": "abyp-4ts-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "sterling connect:enterprise for unix ifix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5.0.38"
},
{
"_id": null,
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.14"
},
{
"_id": null,
"model": "project openssl 0.9.8q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.8"
},
{
"_id": null,
"model": "screenos 6.3.0r22",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.4.0.5"
},
{
"_id": null,
"model": "endpoint manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "transportation management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.21"
},
{
"_id": null,
"model": "netinsight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0.14"
},
{
"_id": null,
"model": "cognos insight standard edition fp if",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.214"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "project openssl 1.0.2a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.16"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2"
},
{
"_id": null,
"model": "junos 14.1r6",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.16"
},
{
"_id": null,
"model": "project openssl 0.9.8g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "abyp-0t-2s-2l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.3.0.10"
},
{
"_id": null,
"model": "cms r17",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.17"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.2"
},
{
"_id": null,
"model": "project openssl 0.9.8ze",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.15"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.5"
},
{
"_id": null,
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.2"
},
{
"_id": null,
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.7"
},
{
"_id": null,
"model": "hp-ux b.11.23.1.007",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "unified security management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0"
},
{
"_id": null,
"model": "forticlient windows/mac",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.3"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.31"
},
{
"_id": null,
"model": "aura conferencing",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.7"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "sterling connect:enterprise for unix ifix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.4.04"
},
{
"_id": null,
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.6"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.4.0.6"
},
{
"_id": null,
"model": "security network controller 1.0.3352m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "security identity governance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1"
},
{
"_id": null,
"model": "aura system manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.1"
},
{
"_id": null,
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.3"
},
{
"_id": null,
"model": "virtual connect enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "system networking rackswitch g8264",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.5.0"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.6"
},
{
"_id": null,
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1.12"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.13"
},
{
"_id": null,
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"_id": null,
"model": "predictiveinsight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.0.0"
},
{
"_id": null,
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.7"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"_id": null,
"model": "hp-ux b.11.11.02.008",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.13"
},
{
"_id": null,
"model": "insight control server provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.3.0.5"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.1"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8x"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.4.19"
},
{
"_id": null,
"model": "abyp-10g-4sr-1-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.10.2"
},
{
"_id": null,
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.1"
},
{
"_id": null,
"model": "initiate master data service provider hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"_id": null,
"model": "junos 14.2r4",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.4"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.11"
},
{
"_id": null,
"model": "powerkvm build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.157"
},
{
"_id": null,
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.1"
},
{
"_id": null,
"model": "virtual connect enterprise manager sdk",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"_id": null,
"model": "primavera p6 enterprise project portfolio management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "16.1"
},
{
"_id": null,
"model": "junos 12.1x47-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "junos d25",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.8"
},
{
"_id": null,
"model": "sparc enterprise m8000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1117"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.17"
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.24"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "vcx products",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "qradar incident forensics",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.2"
},
{
"_id": null,
"model": "predictiveinsight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3"
},
{
"_id": null,
"model": "aura application server sip core pb3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53003.0"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.10"
},
{
"_id": null,
"model": "security network controller 1.0.3381m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "project openssl 1.0.0f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "rational developer for i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "flashsystem 9843-ae2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.9"
},
{
"_id": null,
"model": "sparc enterprise m3000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1117"
},
{
"_id": null,
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.2"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "system networking rackswitch g8264cs",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.12.0"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.2.0.5"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "project openssl 1.0.0b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "13.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1.0.5"
},
{
"_id": null,
"model": "hp-ux b.11.11.17.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.11"
},
{
"_id": null,
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.01"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.2"
},
{
"_id": null,
"model": "sparc enterprise m9000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1118"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.2"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.6"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.1"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"_id": null,
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.5"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.03"
},
{
"_id": null,
"model": "forticlient ios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.1"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.5.0.3"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.41"
},
{
"_id": null,
"model": "forticlient android",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.6"
},
{
"_id": null,
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "sonas",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2.2"
},
{
"_id": null,
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.41"
},
{
"_id": null,
"model": "hp-ux b.11.23.07.04",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "system networking rackswitch g8052",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.14.0"
},
{
"_id": null,
"model": "initiate master data service patient hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "aura conferencing sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.14"
},
{
"_id": null,
"model": "project openssl 1.0.1d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.5"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.13"
},
{
"_id": null,
"model": "abyp-4tl-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.1.0.7"
},
{
"_id": null,
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.11"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.2"
},
{
"_id": null,
"model": "project openssl 1.0.0p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.12"
},
{
"_id": null,
"model": "junos 12.1x46-d40",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.09"
},
{
"_id": null,
"model": "rational developer for aix and linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"_id": null,
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.1"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "project openssl 1.0.0n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.0.3"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.25"
},
{
"_id": null,
"model": "rational developer for i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1"
},
{
"_id": null,
"model": "junos 15.1x49-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "insight control",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3.1"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1.0.9"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "sterling connect:direct for hp nonstop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.010"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "abyp-4t-0s-0l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.41"
},
{
"_id": null,
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53003.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "virtual connect enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50006.3"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "aura experience portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.3.0.12"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.10"
},
{
"_id": null,
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.5"
},
{
"_id": null,
"model": "flashsystem 9848-ac0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"_id": null,
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.13"
},
{
"_id": null,
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.1b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.0k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "aura system platform sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "bladesystem c-class virtual connect",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.62"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.2"
},
{
"_id": null,
"model": "aura conferencing",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"_id": null,
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "aura system platform sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "infosphere master data management standard/advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.4"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50006.2"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.4"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.5"
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx4002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "junos 12.3x48-d30",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "security privileged identity manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1"
},
{
"_id": null,
"model": "sterling connect:direct for hp nonstop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.6"
},
{
"_id": null,
"model": "aura utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.12"
},
{
"_id": null,
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.4"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"_id": null,
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3379"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.5"
},
{
"_id": null,
"model": "junos 13.2x51-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.16"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "endpoint manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.8"
},
{
"_id": null,
"model": "aura conferencing sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.2"
},
{
"_id": null,
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.05"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1.0.7"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.5.0.2"
},
{
"_id": null,
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.2"
},
{
"_id": null,
"model": "junos 15.1x49-d20",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "fortiauthenticator",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "aura messaging sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.7"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.3.0.5"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.4"
},
{
"_id": null,
"model": "sparc enterprise m5000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1117"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "15.04"
},
{
"_id": null,
"model": "project openssl 1.0.0a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "junos 12.1x44-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"_id": null,
"model": "security network controller 1.0.3361m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "junos 12.1x47-d25",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.2.2"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.13"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.0.1"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"_id": null,
"model": "meeting exchange sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "ascenlink",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "7.2.3"
},
{
"_id": null,
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.16"
},
{
"_id": null,
"model": "junos 12.1x44-d35",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "sterling integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"_id": null,
"model": "netscaler t1",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "project openssl 0.9.8zb",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.9"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.4.0.5"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"_id": null,
"model": "junos 13.3r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.3"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.4"
},
{
"_id": null,
"model": "aura system platform sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "project openssl 0.9.8w",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "junos 12.1x47-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.4"
},
{
"_id": null,
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.0"
},
{
"_id": null,
"model": "flashsystem 9843-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.27"
},
{
"_id": null,
"model": "project openssl 1.0.0m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.0"
},
{
"_id": null,
"model": "project openssl 1.0.1g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "communications security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.0"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4"
},
{
"_id": null,
"model": "junos 12.3x48-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "flashsystem 9848-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.5"
},
{
"_id": null,
"model": "qradar siem patch ifix01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.44"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.16"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.5"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.210"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.9"
},
{
"_id": null,
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1"
},
{
"_id": null,
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.913"
},
{
"_id": null,
"model": "system networking rackswitch g8316",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.14.0"
},
{
"_id": null,
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.00"
},
{
"_id": null,
"model": "filenet system monitor interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5.0.3"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.2.0.8"
},
{
"_id": null,
"model": "junos 12.3r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gv200",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.0"
},
{
"_id": null,
"model": "screenos 6.3.0r21",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.4.19"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.4.6"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.9"
},
{
"_id": null,
"model": "aura communication manager ssp04",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "project openssl 0.9.8r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2.3"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.0"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"_id": null,
"model": "tealeaf customer experience",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.4.1.8"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"_id": null,
"model": "project openssl 1.0.0l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "general parallel file system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.0"
},
{
"_id": null,
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise content management system monitor interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.0.3"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.3"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "13.2"
},
{
"_id": null,
"model": "meeting exchange sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "project openssl 0.9.8p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "junos 13.3r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.5"
},
{
"_id": null,
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.54"
},
{
"_id": null,
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "sterling connect:enterprise for unix ifix03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5.0.3"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.5"
},
{
"_id": null,
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.8"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.18"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.06"
},
{
"_id": null,
"model": "junos 12.1x44-d55",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "junos 12.1x44-d30.4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.6"
},
{
"_id": null,
"model": "junos d20",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.07"
},
{
"_id": null,
"model": "rational developer for i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "bladesystem c-class virtual connect",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.50"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.8"
},
{
"_id": null,
"model": "abyp-10g-4lr-1-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.6"
},
{
"_id": null,
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.13"
},
{
"_id": null,
"model": "sparc enterprise m9000 xcp",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "1121"
},
{
"_id": null,
"model": "predictiveinsight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "rational application developer for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gv200",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "qradar siem mr2 patch ifi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.110"
},
{
"_id": null,
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1768"
},
{
"_id": null,
"model": "abyp-0t-0s-4l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "unified security management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.0.3"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8v"
},
{
"_id": null,
"model": "abyp-4t-0s-0l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"_id": null,
"model": "hp-ux b.11.11.13.14",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.15"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.4"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.1"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.9"
},
{
"_id": null,
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.1.7"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.3"
},
{
"_id": null,
"model": "rational developer for aix and linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "abyp-0t-2s-2l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.34"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.1"
},
{
"_id": null,
"model": "screenos 6.3.0r12",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.3"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.211"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.64"
},
{
"_id": null,
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.8"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.14"
},
{
"_id": null,
"model": "project openssl 0.9.8l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.13"
},
{
"_id": null,
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.0.2.0"
},
{
"_id": null,
"model": "san volume controller",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.12"
},
{
"_id": null,
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "junos 13.2x51-d26",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "bladesystem c-class virtual connect",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.45"
},
{
"_id": null,
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.17"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.18"
},
{
"_id": null,
"model": "junos 14.2r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.0i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.1"
},
{
"_id": null,
"model": "junos d10",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"_id": null,
"model": "flashsystem 9846-ac0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.2.0"
},
{
"_id": null,
"model": "security privileged identity manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.1"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1.11"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.16"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.21"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.13"
},
{
"_id": null,
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.0"
},
{
"_id": null,
"model": "virtual connect enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"_id": null,
"model": "system networking rackswitch g8332",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.21.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.5"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.010"
},
{
"_id": null,
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "junos 12.3r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.15"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.12"
},
{
"_id": null,
"model": "sparc enterprise m3000 xcp",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "1121"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "aura conferencing",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.2"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.26"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.6"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.3"
},
{
"_id": null,
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"_id": null,
"model": "junos d35",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.3"
},
{
"_id": null,
"model": "unified security management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.15"
},
{
"_id": null,
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.2"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "7"
},
{
"_id": null,
"model": "qradar siem mr1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.37"
},
{
"_id": null,
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "junos 12.1x44-d40",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "junos 12.1x44-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.2"
},
{
"_id": null,
"model": "project openssl 1.0.0j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.211"
},
{
"_id": null,
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "junos 12.1x46-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.5"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.5"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.9"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.3"
},
{
"_id": null,
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "aura presence services sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.0.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.2.0.3"
},
{
"_id": null,
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.0"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.19"
},
{
"_id": null,
"model": "project openssl 1.0.1j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "cloudbridge",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.4.1.8"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.1"
},
{
"_id": null,
"model": "junos 12.3x48-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.3.0.5"
},
{
"_id": null,
"model": "abyp-2t-2s-0l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3"
},
{
"_id": null,
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3381"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "operations agent",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "11.15"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.6"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.1.0.6"
},
{
"_id": null,
"model": "abyp-4ts-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.02"
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.23"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "junos 12.3r11",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50006.1"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.1"
},
{
"_id": null,
"model": "linux enterprise server sp1 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "5"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"_id": null,
"model": "screenos 6.3.0r20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10"
},
{
"_id": null,
"model": "junos 13.3r7",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "cognos insight standard edition fp",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.24"
},
{
"_id": null,
"model": "forticache",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.0"
},
{
"_id": null,
"model": "messagesight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "aura application server sip core sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53003.0"
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"_id": null,
"model": "project openssl 0.9.8zd",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.2"
},
{
"_id": null,
"model": "junos 14.1r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.11"
},
{
"_id": null,
"model": "project openssl 1.0.1k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.9"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "project openssl 0.9.8o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.16"
},
{
"_id": null,
"model": "server migration pack",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"_id": null,
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.2"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.33"
},
{
"_id": null,
"model": "sterling connect:enterprise for unix ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5.0.37"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "qradar siem patch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.43"
},
{
"_id": null,
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"_id": null,
"model": "worklight foundation enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.0.1"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "predictiveinsight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "junos 12.1x44-d35.5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.5"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"_id": null,
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.3.1"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.9"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.4"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.0"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"_id": null,
"model": "open source siem",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.14"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"_id": null,
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.7"
},
{
"_id": null,
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.12"
},
{
"_id": null,
"model": "insight orchestration",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"_id": null,
"model": "junos 14.2r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.10"
},
{
"_id": null,
"model": "icewall mcrp",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0"
},
{
"_id": null,
"model": "abyp-2t-0s-2l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.1"
},
{
"_id": null,
"model": "system networking rackswitch g8264",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.14.0"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.32"
},
{
"_id": null,
"model": "junos 13.2x51-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.2.0.8"
},
{
"_id": null,
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.2.0.8"
},
{
"_id": null,
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "qradar siem mr2 patch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.19"
}
],
"sources": [
{
"db": "BID",
"id": "75156"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003081"
},
{
"db": "NVD",
"id": "CVE-2015-1789"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:openssl:openssl",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:mysql",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:e-business_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:fusion_middleware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:peoplesoft_products",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:supply_chain_products_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:primavera_p6_enterprise_project_portfolio_management",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:xcp",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hp:insight_control",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hp:matrix_operating_environment",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hp:server_migration_pack",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hp:systems_insight_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hp:version_control_repository_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hp:system_management_homepage",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:capssuite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:enterprise_directoryserver",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nec:express5800",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nec:ip38x_1200",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nec:ip38x_1210",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nec:ip38x_3000",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nec:ip38x_3500",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nec:ip38x_5000",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nec:ip38x_810",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nec:ip38x_fw120",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nec:istorage",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nec:ix2000",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nec:ix3000",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:secureware_pki_application_development_kit",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nec:univerge",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:webotx",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:webotx_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:webotx_enterprise_service_bus",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:webotx_portal",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:webotx_sip_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:websam",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003081"
}
]
},
"credits": {
"_id": null,
"data": "Robert Swiecki(Google) and Hanno B\u0026amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;ouml;ck.",
"sources": [
{
"db": "BID",
"id": "75156"
}
],
"trust": 0.3
},
"cve": "CVE-2015-1789",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2015-1789",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2015-1789",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-1789",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-1789",
"trust": 0.8,
"value": "High"
},
{
"author": "VULMON",
"id": "CVE-2015-1789",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-1789"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003081"
},
{
"db": "NVD",
"id": "CVE-2015-1789"
}
]
},
"description": {
"_id": null,
"data": "The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted length field in ASN1_TIME data, as demonstrated by an attack against a server that supports client authentication with a custom verification callback. OpenSSL is prone to denial-of-service vulnerability. \nAn attacker may exploit this issue to cause a denial-of-service condition. \nThe following are vulnerable:\nOpenSSL 1.0.2 prior to 1.0.2b\nOpenSSL 1.0.1 prior to 1.0.1n\nOpenSSL 1.0.0 prior to 1.0.0s\nOpenSSL 0.9.8 prior to 0.9.8zg. OpenSSL Security Advisory [11 Jun 2015]\n=======================================\n\nDHE man-in-the-middle protection (Logjam)\n====================================================================\n\nA vulnerability in the TLS protocol allows a man-in-the-middle\nattacker to downgrade vulnerable TLS connections using ephemeral\nDiffie-Hellman key exchange to 512-bit export-grade cryptography. This\nvulnerability is known as Logjam (CVE-2015-4000). \n\nOpenSSL has added protection for TLS clients by rejecting handshakes\nwith DH parameters shorter than 768 bits. This limit will be increased\nto 1024 bits in a future release. \n\nMalformed ECParameters causes infinite loop (CVE-2015-1788)\n===========================================================\n\nSeverity: Moderate\n\nWhen processing an ECParameters structure OpenSSL enters an infinite loop if\nthe curve specified is over a specially malformed binary polynomial field. \n\nThis can be used to perform denial of service against any\nsystem which processes public keys, certificate requests or\ncertificates. This includes TLS clients and TLS servers with\nclient authentication enabled. \n\nThis issue affects OpenSSL versions: 1.0.2 and 1.0.1. Recent\n1.0.0 and 0.9.8 versions are not affected. 1.0.0d and 0.9.8r and below are\naffected. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2b\nOpenSSL 1.0.1 users should upgrade to 1.0.1n\nOpenSSL 1.0.0d (and below) users should upgrade to 1.0.0s\nOpenSSL 0.9.8r (and below) users should upgrade to 0.9.8zg\n\nThis issue was reported to OpenSSL on 6th April 2015 by Joseph Birr-Pixton. The\nfix was developed by Andy Polyakov of the OpenSSL development team. \n\nExploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789)\n===============================================================\n\nSeverity: Moderate\n\nX509_cmp_time does not properly check the length of the ASN1_TIME\nstring and can read a few bytes out of bounds. In addition,\nX509_cmp_time accepts an arbitrary number of fractional seconds in the\ntime string. \n\nAn attacker can use this to craft malformed certificates and CRLs of\nvarious sizes and potentially cause a segmentation fault, resulting in\na DoS on applications that verify certificates or CRLs. TLS clients\nthat verify CRLs are affected. TLS clients and servers with client\nauthentication enabled may be affected if they use custom verification\ncallbacks. \n\nThis issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2b\nOpenSSL 1.0.1 users should upgrade to 1.0.1n\nOpenSSL 1.0.0 users should upgrade to 1.0.0s\nOpenSSL 0.9.8 users should upgrade to 0.9.8zg\n\nThis issue was reported to OpenSSL on 8th April 2015 by Robert Swiecki\n(Google), and independently on 11th April 2015 by Hanno B\u00f6ck. The fix\nwas developed by Emilia K\u00e4sper of the OpenSSL development team. \n\nPKCS7 crash with missing EnvelopedContent (CVE-2015-1790)\n=========================================================\n\nSeverity: Moderate\n\nThe PKCS#7 parsing code does not handle missing inner EncryptedContent\ncorrectly. An attacker can craft malformed ASN.1-encoded PKCS#7 blobs\nwith missing content and trigger a NULL pointer dereference on parsing. \n\nApplications that decrypt PKCS#7 data or otherwise parse PKCS#7\nstructures from untrusted sources are affected. OpenSSL clients and\nservers are not affected. \n\nThis issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2b\nOpenSSL 1.0.1 users should upgrade to 1.0.1n\nOpenSSL 1.0.0 users should upgrade to 1.0.0s\nOpenSSL 0.9.8 users should upgrade to 0.9.8zg\n\nThis issue was reported to OpenSSL on 18th April 2015 by Michal\nZalewski (Google). The fix was developed by Emilia K\u00e4sper of the\nOpenSSL development team. \n\nThis can be used to perform denial of service against any system which\nverifies signedData messages using the CMS code. \n\nThis issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2b\nOpenSSL 1.0.1 users should upgrade to 1.0.1n\nOpenSSL 1.0.0 users should upgrade to 1.0.0s\nOpenSSL 0.9.8 users should upgrade to 0.9.8zg\n\nThis issue was reported to OpenSSL on 31st March 2015 by Johannes Bauer. The\nfix was developed by Dr. Stephen Henson of the OpenSSL development team. \n\nThis issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8. The\nfix was developed by Matt Caswell of the OpenSSL development team. It\nexisted in previous OpenSSL versions and was fixed in June 2014. \n\nIf a DTLS peer receives application data between the ChangeCipherSpec\nand Finished messages, buffering of such data may cause an invalid\nfree, resulting in a segmentation fault or potentially, memory\ncorruption. \n\nThis issue affected older OpenSSL versions 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za\nOpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h. \n\nThis issue was originally reported on March 28th 2014 in\nhttps://rt.openssl.org/Ticket/Display.html?id=3286 by Praveen\nKariyanahalli, and subsequently by Ivan Fratric and Felix Groebert\n(Google). A fix was developed by zhu qun-ying. \n\nThe fix for this issue can be identified by commits bcc31166 (1.0.1),\nb79e6e3a (1.0.0) and 4b258e73 (0.9.8). \n\nNote\n====\n\nAs per our previous announcements and our Release Strategy\n(https://www.openssl.org/about/releasestrat.html), support for OpenSSL versions\n1.0.0 and 0.9.8 will cease on 31st December 2015. No security updates for these\nreleases will be provided after that date. Users of these releases are advised\nto upgrade. \n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv_20150611.txt\n\nNote: the online version of the advisory may be updated with additional\ndetails over time. \n\nFor details of OpenSSL severity classifications please see:\nhttps://www.openssl.org/about/secpolicy.html\n\n. These vulnerabilities\ninclude:\n\nThe SSLv3 vulnerability known as \"Padding Oracle on Downgraded Legacy\nEncryption\" also known as \"POODLE\", which could be exploited remotely\nresulting in disclosure of information. \nThe following firmware versions of Virtual Connect (VC) are impacted:\n\nHPE BladeSystem c-Class Virtual Connect (VC) Firmware 4.30 through VC 4.45\nHPE BladeSystem c-Class Virtual Connect (VC) Firmware 3.62 through VC 4.21\n\nNote: Firmware versions 3.62 through 4.21 are not impacted by CVE-2016-0800,\nCVE-2015-3194, CVE-2014-3566, CVE-2015-0705, CVE-2016-0799, and\nCVE-2016-2842. \n\nRelease Date: 2015-07-10\nLast Updated: 2015-07-10\n\nPotential Security Impact: Remote Denial of Service (DoS)\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP IceWall\nProducts running OpenSSL. \nProduct\n Impacted Versions\n Impacted CVEs\n\nHP IceWall MCRP\n v3.0\n CVE-2015-1789\nCVE-2015-1790\nCVE-2015-1792\n\nHP IceWall SSO Dfw\n v10.0\n CVE-2015-1789\nCVE-2015-1790\nCVE-2015-1792\n\nHP IceWall SSO Agent Option\n v10.0\n CVE-2015-1789\nCVE-2015-1790\nCVE-2015-1792\n\nHP IceWall SSO Certd\n v10.0\n CVE-2015-1792\n\nHP IceWall Federation Agent\n v3.0\n CVE-2015-1792\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2015-1789 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2015-1790 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-1792 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP recommends applying the latest OS vendor security patches for OpenSSL to\nresolve the vulnerabilities for HP IceWall Products. \n\n HP IceWall SSO Dfw v10.0 and Certd v10.0, which are running on RHEL, could\nbe using either the OS bundled OpenSSL library or the OpenSSL bundled with HP\nIceWall. If still using the OpenSSL bundled with HP IceWall, please apply the\nlatest OS vendor security patches for OpenSSL and switch to the OpenSSL\nlibrary bundled with the OS. \n\n Documents are available at the following location with instructions to\nswitch to the OS bundled OpenSSL library:\n\n http://www.hp.com/jp/icewall_patchaccess\n\n Note: The HP IceWall product is only available in Japan. \n\nHISTORY\nVersion:1 (rev.1) - 10 July 2015 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2015 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. This\n could allow remote attackers to cause a denial of service. This could allow remote attackers to cause\n a denial of service (crash). This could allow remote attackers to cause\n a denial of service. \n\nFor the oldstable distribution (wheezy), these problems have been fixed\nin version 1.0.1e-2+deb7u17. \n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 1.0.1k-3+deb8u1. \n\nFor the testing distribution (stretch), these problems have been fixed\nin version 1.0.2b-1. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.0.2b-1. \nCorrected: 2015-06-11 19:07:45 UTC (stable/10, 10.1-STABLE)\n 2015-06-12 07:23:55 UTC (releng/10.1, 10.1-RELEASE-p12)\n 2015-06-11 19:39:27 UTC (stable/9, 9.3-STABLE)\n 2015-06-12 07:23:55 UTC (releng/9.3, 9.3-RELEASE-p16)\n 2015-06-11 19:39:27 UTC (stable/8, 8.4-STABLE)\n 2015-06-12 07:23:55 UTC (releng/8.4, 8.4-RELEASE-p30)\nCVE Name: CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791\n CVE-2015-1792, CVE-2015-4000\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:https://security.FreeBSD.org/\u003e. Background\n\nFreeBSD includes software from the OpenSSL Project. \n\nII. [CVE-2015-1791]\n\nThe OpenSSL advisory also describes a problem that is identified as\nCVE-2014-8176, which is already fixed by an earlier FreeBSD Errata\nNotice, FreeBSD-EN-15:02.openssl. \n\nIII. [CVE-2015-4000]. \n[CVE-2015-1788]. This affects FreeBSD 10.1 only, as the problem\nwas no longer exist in OpenSSL 0.9.8 series since July 2012. [CVE-2015-1790]. [CVE-2015-1792]\n\nAn attacker may be able to crash multi-thread applications that\nsupports resumed TLS handshakes. [CVE-2015-1791]\n\nIV. Workaround\n\nNo workaround is available. \n\nV. Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\n2) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\n3) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 10.1]\n# fetch https://security.FreeBSD.org/patches/SA-15:10/openssl-10.1.patch\n# fetch https://security.FreeBSD.org/patches/SA-15:10/openssl-10.1.patch.asc\n# gpg --verify openssl-10.1.patch.asc\n\n[FreeBSD 9.3 and 8.4]\n# fetch https://security.FreeBSD.org/patches/SA-15:10/openssl-8.4.patch\n# fetch https://security.FreeBSD.org/patches/SA-15:10/openssl-8.4.patch.asc\n# gpg --verify openssl-8.4.patch.asc\n\nb) Apply the patch. Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:https://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart all deamons using the library, or reboot the system. \n\nVI. Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path Revision\n- -------------------------------------------------------------------------\nstable/8/ r284286\nreleng/8.4/ r284295\nstable/9/ r284286\nreleng/9.3/ r284295\nstable/10/ r284285\nreleng/10.1/ r284295\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:https://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Moderate: openssl security update\nAdvisory ID: RHSA-2015:1115-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2015-1115.html\nIssue date: 2015-06-15\nCVE Names: CVE-2014-8176 CVE-2015-1789 CVE-2015-1790 \n CVE-2015-1791 CVE-2015-1792 CVE-2015-3216 \n=====================================================================\n\n1. Summary:\n\nUpdated openssl packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6 and 7. \n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library. \n\nAn invalid free flaw was found in the way OpenSSL handled certain DTLS\nhandshake messages. A malicious DTLS client or server could cause a DTLS\nserver or client using OpenSSL to crash or, potentially, execute arbitrary\ncode. (CVE-2014-8176)\n\nA flaw was found in the way the OpenSSL packages shipped with Red Hat\nEnterprise Linux 6 and 7 performed locking in the ssleay_rand_bytes()\nfunction. (CVE-2015-3216)\n\nAn out-of-bounds read flaw was found in the X509_cmp_time() function of\nOpenSSL. A specially crafted X.509 certificate or a Certificate Revocation\nList (CRL) could possibly cause a TLS/SSL server or client using OpenSSL\nto crash. (CVE-2015-1789)\n\nA race condition was found in the session handling code of OpenSSL. This\nissue could possibly cause a multi-threaded TLS/SSL client using OpenSSL\nto double free session ticket data and crash. (CVE-2015-1791)\n\nA flaw was found in the way OpenSSL handled Cryptographic Message Syntax\n(CMS) messages. A CMS message with an unknown hash function identifier\ncould cause an application using OpenSSL to enter an infinite loop. \n(CVE-2015-1792)\n\nA NULL pointer dereference was found in the way OpenSSL handled certain\nPKCS#7 inputs. A specially crafted PKCS#7 input with missing\nEncryptedContent data could cause an application using OpenSSL to crash. \n(CVE-2015-1790)\n\nRed Hat would like to thank the OpenSSL project for reporting\nCVE-2014-8176, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791 and\nCVE-2015-1792 flaws. Upstream acknowledges Praveen Kariyanahalli and Ivan\nFratric as the original reporters of CVE-2014-8176, Robert Swiecki and\nHanno B\u00f6ck as the original reporters of CVE-2015-1789, Michal Zalewski as\nthe original reporter of CVE-2015-1790, Emilia K\u00e4sper as the original\nreport of CVE-2015-1791 and Johannes Bauer as the original reporter of\nCVE-2015-1792. \n\nAll openssl users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. For the update to take\neffect, all services linked to the OpenSSL library must be restarted, or\nthe system rebooted. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1227574 - CVE-2015-3216 openssl: Crash in ssleay_rand_bytes due to locking regression\n1228603 - CVE-2015-1789 OpenSSL: out-of-bounds read in X509_cmp_time\n1228604 - CVE-2015-1790 OpenSSL: PKCS7 crash with missing EnvelopedContent\n1228607 - CVE-2015-1792 OpenSSL: CMS verify infinite loop with unknown hash function\n1228608 - CVE-2015-1791 OpenSSL: Race condition handling NewSessionTicket\n1228611 - CVE-2014-8176 OpenSSL: Invalid free in DTLS\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nopenssl-1.0.1e-30.el6_6.11.src.rpm\n\ni386:\nopenssl-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm\n\nx86_64:\nopenssl-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-1.0.1e-30.el6_6.11.x86_64.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.11.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-devel-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-perl-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-static-1.0.1e-30.el6_6.11.i686.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.11.x86_64.rpm\nopenssl-devel-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-devel-1.0.1e-30.el6_6.11.x86_64.rpm\nopenssl-perl-1.0.1e-30.el6_6.11.x86_64.rpm\nopenssl-static-1.0.1e-30.el6_6.11.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nopenssl-1.0.1e-30.el6_6.11.src.rpm\n\nx86_64:\nopenssl-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-1.0.1e-30.el6_6.11.x86_64.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.11.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.11.x86_64.rpm\nopenssl-devel-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-devel-1.0.1e-30.el6_6.11.x86_64.rpm\nopenssl-perl-1.0.1e-30.el6_6.11.x86_64.rpm\nopenssl-static-1.0.1e-30.el6_6.11.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nopenssl-1.0.1e-30.el6_6.11.src.rpm\n\ni386:\nopenssl-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-devel-1.0.1e-30.el6_6.11.i686.rpm\n\nppc64:\nopenssl-1.0.1e-30.el6_6.11.ppc.rpm\nopenssl-1.0.1e-30.el6_6.11.ppc64.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.11.ppc.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.11.ppc64.rpm\nopenssl-devel-1.0.1e-30.el6_6.11.ppc.rpm\nopenssl-devel-1.0.1e-30.el6_6.11.ppc64.rpm\n\ns390x:\nopenssl-1.0.1e-30.el6_6.11.s390.rpm\nopenssl-1.0.1e-30.el6_6.11.s390x.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.11.s390.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.11.s390x.rpm\nopenssl-devel-1.0.1e-30.el6_6.11.s390.rpm\nopenssl-devel-1.0.1e-30.el6_6.11.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-1.0.1e-30.el6_6.11.x86_64.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.11.x86_64.rpm\nopenssl-devel-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-devel-1.0.1e-30.el6_6.11.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-perl-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-static-1.0.1e-30.el6_6.11.i686.rpm\n\nppc64:\nopenssl-debuginfo-1.0.1e-30.el6_6.11.ppc64.rpm\nopenssl-perl-1.0.1e-30.el6_6.11.ppc64.rpm\nopenssl-static-1.0.1e-30.el6_6.11.ppc64.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-30.el6_6.11.s390x.rpm\nopenssl-perl-1.0.1e-30.el6_6.11.s390x.rpm\nopenssl-static-1.0.1e-30.el6_6.11.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-30.el6_6.11.x86_64.rpm\nopenssl-perl-1.0.1e-30.el6_6.11.x86_64.rpm\nopenssl-static-1.0.1e-30.el6_6.11.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nopenssl-1.0.1e-30.el6_6.11.src.rpm\n\ni386:\nopenssl-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-devel-1.0.1e-30.el6_6.11.i686.rpm\n\nx86_64:\nopenssl-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-1.0.1e-30.el6_6.11.x86_64.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.11.x86_64.rpm\nopenssl-devel-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-devel-1.0.1e-30.el6_6.11.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-perl-1.0.1e-30.el6_6.11.i686.rpm\nopenssl-static-1.0.1e-30.el6_6.11.i686.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-30.el6_6.11.x86_64.rpm\nopenssl-perl-1.0.1e-30.el6_6.11.x86_64.rpm\nopenssl-static-1.0.1e-30.el6_6.11.x86_64.rpm\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nopenssl-1.0.1e-42.el7_1.8.src.rpm\n\nx86_64:\nopenssl-1.0.1e-42.el7_1.8.x86_64.rpm\nopenssl-debuginfo-1.0.1e-42.el7_1.8.i686.rpm\nopenssl-debuginfo-1.0.1e-42.el7_1.8.x86_64.rpm\nopenssl-libs-1.0.1e-42.el7_1.8.i686.rpm\nopenssl-libs-1.0.1e-42.el7_1.8.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-42.el7_1.8.i686.rpm\nopenssl-debuginfo-1.0.1e-42.el7_1.8.x86_64.rpm\nopenssl-devel-1.0.1e-42.el7_1.8.i686.rpm\nopenssl-devel-1.0.1e-42.el7_1.8.x86_64.rpm\nopenssl-perl-1.0.1e-42.el7_1.8.x86_64.rpm\nopenssl-static-1.0.1e-42.el7_1.8.i686.rpm\nopenssl-static-1.0.1e-42.el7_1.8.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nopenssl-1.0.1e-42.el7_1.8.src.rpm\n\nx86_64:\nopenssl-1.0.1e-42.el7_1.8.x86_64.rpm\nopenssl-debuginfo-1.0.1e-42.el7_1.8.i686.rpm\nopenssl-debuginfo-1.0.1e-42.el7_1.8.x86_64.rpm\nopenssl-libs-1.0.1e-42.el7_1.8.i686.rpm\nopenssl-libs-1.0.1e-42.el7_1.8.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-42.el7_1.8.i686.rpm\nopenssl-debuginfo-1.0.1e-42.el7_1.8.x86_64.rpm\nopenssl-devel-1.0.1e-42.el7_1.8.i686.rpm\nopenssl-devel-1.0.1e-42.el7_1.8.x86_64.rpm\nopenssl-perl-1.0.1e-42.el7_1.8.x86_64.rpm\nopenssl-static-1.0.1e-42.el7_1.8.i686.rpm\nopenssl-static-1.0.1e-42.el7_1.8.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nopenssl-1.0.1e-42.el7_1.8.src.rpm\n\nppc64:\nopenssl-1.0.1e-42.el7_1.8.ppc64.rpm\nopenssl-debuginfo-1.0.1e-42.el7_1.8.ppc.rpm\nopenssl-debuginfo-1.0.1e-42.el7_1.8.ppc64.rpm\nopenssl-devel-1.0.1e-42.el7_1.8.ppc.rpm\nopenssl-devel-1.0.1e-42.el7_1.8.ppc64.rpm\nopenssl-libs-1.0.1e-42.el7_1.8.ppc.rpm\nopenssl-libs-1.0.1e-42.el7_1.8.ppc64.rpm\n\ns390x:\nopenssl-1.0.1e-42.el7_1.8.s390x.rpm\nopenssl-debuginfo-1.0.1e-42.el7_1.8.s390.rpm\nopenssl-debuginfo-1.0.1e-42.el7_1.8.s390x.rpm\nopenssl-devel-1.0.1e-42.el7_1.8.s390.rpm\nopenssl-devel-1.0.1e-42.el7_1.8.s390x.rpm\nopenssl-libs-1.0.1e-42.el7_1.8.s390.rpm\nopenssl-libs-1.0.1e-42.el7_1.8.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-42.el7_1.8.x86_64.rpm\nopenssl-debuginfo-1.0.1e-42.el7_1.8.i686.rpm\nopenssl-debuginfo-1.0.1e-42.el7_1.8.x86_64.rpm\nopenssl-devel-1.0.1e-42.el7_1.8.i686.rpm\nopenssl-devel-1.0.1e-42.el7_1.8.x86_64.rpm\nopenssl-libs-1.0.1e-42.el7_1.8.i686.rpm\nopenssl-libs-1.0.1e-42.el7_1.8.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nopenssl-1.0.1e-42.ael7b_1.8.src.rpm\n\nppc64le:\nopenssl-1.0.1e-42.ael7b_1.8.ppc64le.rpm\nopenssl-debuginfo-1.0.1e-42.ael7b_1.8.ppc64le.rpm\nopenssl-devel-1.0.1e-42.ael7b_1.8.ppc64le.rpm\nopenssl-libs-1.0.1e-42.ael7b_1.8.ppc64le.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nopenssl-debuginfo-1.0.1e-42.el7_1.8.ppc.rpm\nopenssl-debuginfo-1.0.1e-42.el7_1.8.ppc64.rpm\nopenssl-perl-1.0.1e-42.el7_1.8.ppc64.rpm\nopenssl-static-1.0.1e-42.el7_1.8.ppc.rpm\nopenssl-static-1.0.1e-42.el7_1.8.ppc64.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-42.el7_1.8.s390.rpm\nopenssl-debuginfo-1.0.1e-42.el7_1.8.s390x.rpm\nopenssl-perl-1.0.1e-42.el7_1.8.s390x.rpm\nopenssl-static-1.0.1e-42.el7_1.8.s390.rpm\nopenssl-static-1.0.1e-42.el7_1.8.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-42.el7_1.8.i686.rpm\nopenssl-debuginfo-1.0.1e-42.el7_1.8.x86_64.rpm\nopenssl-perl-1.0.1e-42.el7_1.8.x86_64.rpm\nopenssl-static-1.0.1e-42.el7_1.8.i686.rpm\nopenssl-static-1.0.1e-42.el7_1.8.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64le:\nopenssl-debuginfo-1.0.1e-42.ael7b_1.8.ppc64le.rpm\nopenssl-perl-1.0.1e-42.ael7b_1.8.ppc64le.rpm\nopenssl-static-1.0.1e-42.ael7b_1.8.ppc64le.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nopenssl-1.0.1e-42.el7_1.8.src.rpm\n\nx86_64:\nopenssl-1.0.1e-42.el7_1.8.x86_64.rpm\nopenssl-debuginfo-1.0.1e-42.el7_1.8.i686.rpm\nopenssl-debuginfo-1.0.1e-42.el7_1.8.x86_64.rpm\nopenssl-devel-1.0.1e-42.el7_1.8.i686.rpm\nopenssl-devel-1.0.1e-42.el7_1.8.x86_64.rpm\nopenssl-libs-1.0.1e-42.el7_1.8.i686.rpm\nopenssl-libs-1.0.1e-42.el7_1.8.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-42.el7_1.8.i686.rpm\nopenssl-debuginfo-1.0.1e-42.el7_1.8.x86_64.rpm\nopenssl-perl-1.0.1e-42.el7_1.8.x86_64.rpm\nopenssl-static-1.0.1e-42.el7_1.8.i686.rpm\nopenssl-static-1.0.1e-42.el7_1.8.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2014-8176\nhttps://access.redhat.com/security/cve/CVE-2015-1789\nhttps://access.redhat.com/security/cve/CVE-2015-1790\nhttps://access.redhat.com/security/cve/CVE-2015-1791\nhttps://access.redhat.com/security/cve/CVE-2015-1792\nhttps://access.redhat.com/security/cve/CVE-2015-3216\nhttps://access.redhat.com/security/updates/classification/#moderate\nhttps://www.openssl.org/news/secadv_20150611.txt\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2015 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFVf0NNXlSAg2UNWIIRArL4AJ9e7lbD/4Nks5midR5o3E4Bs5lQWQCgnrvk\nZyXizCcFL9oAQexObjxp/Mo=\n=PXiY\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-1789"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003081"
},
{
"db": "BID",
"id": "75156"
},
{
"db": "VULMON",
"id": "CVE-2015-1789"
},
{
"db": "PACKETSTORM",
"id": "169629"
},
{
"db": "PACKETSTORM",
"id": "137294"
},
{
"db": "PACKETSTORM",
"id": "132637"
},
{
"db": "PACKETSTORM",
"id": "132291"
},
{
"db": "PACKETSTORM",
"id": "132288"
},
{
"db": "PACKETSTORM",
"id": "132313"
},
{
"db": "PACKETSTORM",
"id": "136989"
}
],
"trust": 2.61
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2015-1789",
"trust": 2.9
},
{
"db": "JUNIPER",
"id": "JSA10733",
"trust": 1.4
},
{
"db": "JUNIPER",
"id": "JSA10694",
"trust": 1.4
},
{
"db": "BID",
"id": "75156",
"trust": 1.4
},
{
"db": "BID",
"id": "91787",
"trust": 1.1
},
{
"db": "SIEMENS",
"id": "SSA-412672",
"trust": 1.1
},
{
"db": "MCAFEE",
"id": "SB10122",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1032564",
"trust": 1.1
},
{
"db": "JVN",
"id": "JVNVU91445763",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003081",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-22-349-21",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-1789",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169629",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "137294",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132637",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132291",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132288",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132313",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136989",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-1789"
},
{
"db": "BID",
"id": "75156"
},
{
"db": "PACKETSTORM",
"id": "169629"
},
{
"db": "PACKETSTORM",
"id": "137294"
},
{
"db": "PACKETSTORM",
"id": "132637"
},
{
"db": "PACKETSTORM",
"id": "132291"
},
{
"db": "PACKETSTORM",
"id": "132288"
},
{
"db": "PACKETSTORM",
"id": "132313"
},
{
"db": "PACKETSTORM",
"id": "136989"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003081"
},
{
"db": "NVD",
"id": "CVE-2015-1789"
}
]
},
"id": "VAR-201506-0498",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.1575688975
},
"last_update_date": "2026-04-10T23:17:27.032000Z",
"patch": {
"_id": null,
"data": [
{
"title": "APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"title": "HT205031",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT205031"
},
{
"title": "HT205031",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/HT205031"
},
{
"title": "cisco-sa-20150612-openssl",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-openssl"
},
{
"title": "Fix length checks in X509_cmp_time to avoid out-of-bounds reads.",
"trust": 0.8,
"url": "https://github.com/openssl/openssl/commit/f48b83b4fb7d6689584cf25f61ca63a4891f5b11"
},
{
"title": "HPSBUX03388",
"trust": 0.8,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143880121627664\u0026amp;w=2"
},
{
"title": "HPSBMU03612",
"trust": 0.8,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05158380"
},
{
"title": "HPSBHF03613",
"trust": 0.8,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05184351"
},
{
"title": "HPSBMU03546",
"trust": 0.8,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05045763"
},
{
"title": "HPSBMU03611",
"trust": 0.8,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05150888"
},
{
"title": "\u30a2\u30e9\u30a4\u30c9\u30c6\u30ec\u30b7\u30b9\u682a\u5f0f\u4f1a\u793e\u304b\u3089\u306e\u60c5\u5831",
"trust": 0.8,
"url": "http://jvn.jp/vu/JVNVU91445763/522154/index.html"
},
{
"title": "NV15-010",
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/secinfo/nv15-010.html"
},
{
"title": "OpenSSL vulnerabilities",
"trust": 0.8,
"url": "https://www.openssl.org/news/vulnerabilities.html"
},
{
"title": "Tarballs",
"trust": 0.8,
"url": "https://www.openssl.org/source/"
},
{
"title": "[11 Jun 2015] DHE man-in-the-middle protection (Logjam)",
"trust": 0.8,
"url": "https://www.openssl.org/news/secadv_20150611.txt"
},
{
"title": "Oracle Critical Patch Update Advisory - October 2015",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - April 2016 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016verbose-2881709.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - October 2015 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015verbose-2367954.html"
},
{
"title": "Oracle Critical Patch Update Advisory - July 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"title": "Oracle Critical Patch Update Advisory - January 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - July 2016 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2016verbose-2881721.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - January 2016 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016verbose-2367956.html"
},
{
"title": "Oracle Critical Patch Update Advisory - April 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"title": "Oracle Critical Patch Update CVSS V2 Risk Matrices - April 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html"
},
{
"title": "Oracle Solaris Third Party Bulletin - July 2015",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"title": "April 2016 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/april_2016_critical_patch_update"
},
{
"title": "October 2015 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/october_2015_critical_patch_update"
},
{
"title": "July 2016 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/july_2016_critical_patch_update"
},
{
"title": "January 2016 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/january_2016_critical_patch_update"
},
{
"title": "JSA10694",
"trust": 0.8,
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10694"
},
{
"title": "TLSA-2015-14",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2015/TLSA-2015-14j.html"
},
{
"title": "cisco-sa-20150612-openssl",
"trust": 0.8,
"url": "http://www.cisco.com/cisco/web/support/JP/112/1129/1129443_cisco-sa-20150612-openssl-j.html"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2016/07/06/hpe_rushes_out_patch_for_more_than_a_year_of_openssl_vulns/"
},
{
"title": "Red Hat: CVE-2015-1789",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2015-1789"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2639-1"
},
{
"title": "Amazon Linux AMI: ALAS-2015-550",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2015-550"
},
{
"title": "Tenable Security Advisories: [R7] OpenSSL \u002720150611\u0027 Advisory Affects Tenable Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=TNS-2015-07"
},
{
"title": "Cisco: Multiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20150612-openssl"
},
{
"title": "Symantec Security Advisories: SA98 : OpenSSL Security Advisory 11-June-2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=a7350b0751124b5a44ba8dbd2df71f9f"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=8b701aba68029ec36b631a8e26157a22"
},
{
"title": "Citrix Security Bulletins: Multiple Security Vulnerabilities in Citrix NetScaler Platform IPMI Lights Out Management (LOM) firmware",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=eb059834b7f24e2562bcf592b6d0afbc"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=744c19dc9f4f70ad58059bf8733ec9c1"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=05aabe19d38058b7814ef5514aab4c0c"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=69e9536e77203a3c76b24dd89f4f9300"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=143b3fb255063c81571469eaa3cf0a87"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=2f446a7e1ea263c0c3a365776c6713f2"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=122319027ae43d6d626710f1b1bb1d43"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=3a04485ebb79f7fbc2472bf9af5ce489"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=63802a6c83b107c4e6e0c7f9241a66a8"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Live-Hack-CVE/CVE-2015-1789 "
},
{
"title": "android_external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/khadas/android_external_honggfuzz "
},
{
"title": "external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/yaap/external_honggfuzz "
},
{
"title": "external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/crdroid-r/external_honggfuzz "
},
{
"title": "tab_pie_external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/CredenceID/tab_pie_external_honggfuzz "
},
{
"title": "platform_external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/DennissimOS/platform_external_honggfuzz "
},
{
"title": "external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/swordphoenix/external_honggfuzz "
},
{
"title": "platform_external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/aosp-caf-upstream/platform_external_honggfuzz "
},
{
"title": "honggfuzz_READ",
"trust": 0.1,
"url": "https://github.com/imbaya2466/honggfuzz_READ "
},
{
"title": "android_external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/bananadroid/android_external_honggfuzz "
},
{
"title": "external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/ForkLineageOS/external_honggfuzz "
},
{
"title": "android_external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/TheXPerienceProject/android_external_honggfuzz "
},
{
"title": "android_external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/random-aosp-stuff/android_external_honggfuzz "
},
{
"title": "external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/Wave-Project/external_honggfuzz "
},
{
"title": "external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/Project-1CE/external_honggfuzz "
},
{
"title": "android_external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/jingpad-bsp/android_external_honggfuzz "
},
{
"title": "android_external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/crdroidandroid/android_external_honggfuzz "
},
{
"title": "android_external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/StatiXOS/android_external_honggfuzz "
},
{
"title": "external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/CAF-Extended/external_honggfuzz "
},
{
"title": "external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/Ozone-OS/external_honggfuzz "
},
{
"title": "android_external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/Corvus-R/android_external_honggfuzz "
},
{
"title": "external-honggfuzz",
"trust": 0.1,
"url": "https://github.com/TinkerBoard2-Android/external-honggfuzz "
},
{
"title": "external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/TinkerEdgeR-Android/external_honggfuzz "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/ep-infosec/50_google_honggfuzz "
},
{
"title": "lllnx",
"trust": 0.1,
"url": "https://github.com/lllnx/lllnx "
},
{
"title": "external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/TinkerBoard2-Android/external_honggfuzz "
},
{
"title": "external-honggfuzz",
"trust": 0.1,
"url": "https://github.com/TinkerBoard-Android/external-honggfuzz "
},
{
"title": "external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/HavocR/external_honggfuzz "
},
{
"title": "android_external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/ProtonAOSP-platina/android_external_honggfuzz "
},
{
"title": "android_external_honggfuzz",
"trust": 0.1,
"url": "https://github.com/ProtonAOSP/android_external_honggfuzz "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Tomoms/android_external_honggfuzz "
},
{
"title": "honggfuzz",
"trust": 0.1,
"url": "https://github.com/google/honggfuzz "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-1789"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003081"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003081"
},
{
"db": "NVD",
"id": "CVE-2015-1789"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 1.6,
"url": "https://www.openssl.org/news/secadv_20150611.txt"
},
{
"trust": 1.5,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1115.html"
},
{
"trust": 1.4,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10694"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"trust": 1.4,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20150612-openssl"
},
{
"trust": 1.4,
"url": "https://support.citrix.com/article/ctx216642"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/75156"
},
{
"trust": 1.1,
"url": "https://github.com/openssl/openssl/commit/f48b83b4fb7d6689584cf25f61ca63a4891f5b11"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce/2015/aug/msg00001.html"
},
{
"trust": 1.1,
"url": "https://support.apple.com/kb/ht205031"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=143880121627664\u0026w=2"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05157667"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05131044"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/91787"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05150888"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05158380"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05184351"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05045763"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=143654156615516\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"trust": 1.1,
"url": "https://openssl.org/news/secadv/20150611.txt"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
},
{
"trust": 1.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10733"
},
{
"trust": 1.1,
"url": "http://fortiguard.com/advisory/openssl-vulnerabilities-june-2015"
},
{
"trust": 1.1,
"url": "http://www.fortiguard.com/advisory/openssl-vulnerabilities-june-2015"
},
{
"trust": 1.1,
"url": "https://bto.bluecoat.com/security-advisory/sa98"
},
{
"trust": 1.1,
"url": "http://www.fortiguard.com/advisory/2015-06-11-fortinet-vulnerability-openssl-vulnerabilities-june-2015"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05353965"
},
{
"trust": 1.1,
"url": "https://security.gentoo.org/glsa/201506-02"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html"
},
{
"trust": 1.1,
"url": "http://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2015-008.txt.asc"
},
{
"trust": 1.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10122"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00005.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-june/160647.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-june/160436.html"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-2639-1"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032564"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2015/dsa-3287"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1197.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"trust": 1.1,
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1144-security-advisory-11"
},
{
"trust": 1.1,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1789"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu91445763/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-1789"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1789"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1792"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1790"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1791"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1788"
},
{
"trust": 0.3,
"url": "http://openssl.org/"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022444"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962775"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21965845"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/aug/13"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10733\u0026cat=sirt_1\u0026actp=list"
},
{
"trust": 0.3,
"url": "http://prod.lists.apple.com/archives/security-announce/2015/aug/msg00001.html"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04739301"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05353965"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05184351"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/aug/135"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05131044"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05157667"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05150888"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05158380"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022527"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=isg3t1022724"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005313"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005376"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21961837"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962520"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963232"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963954"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21965415"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21966484"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966723"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022655"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5098801"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/101012435"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/101013879"
},
{
"trust": 0.3,
"url": "http://www.fortiguard.com/advisory/fg-ir-15-014/"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/101012550"
},
{
"trust": 0.3,
"url": "https://www.alienvault.com/forums/discussion/5438/security-advisory-alienvault-v5-0-4-addresses-31-vulnerabilities"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962519"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962726"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963964"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005375"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962039"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020862"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022647"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962686"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961800"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961633"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960633"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963096"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960713"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21964033"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21964441"
},
{
"trust": 0.3,
"url": "www-01.ibm.com/support/docview.wss?uid=swg21903425"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960157"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020840"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961179"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962493"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?rs=0\u0026uid=swg21963438"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962623"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959518"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961438"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961569"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963270"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005314"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005373"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005434"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960045"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963498"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966481"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966847"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966873"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21967384"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21968046"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21968724"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21968871"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970020"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970103"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21971238"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21964030"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963603"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966381"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8176"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4000"
},
{
"trust": 0.2,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_n"
},
{
"trust": 0.2,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.2,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2015-1789"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2639-1/"
},
{
"trust": 0.1,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-21"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=44733"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/about/secpolicy.html"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/about/releasestrat.html),"
},
{
"trust": 0.1,
"url": "https://rt.openssl.org/ticket/display.html?id=3286"
},
{
"trust": 0.1,
"url": "http://h20564.www2.hpe.com/hpsc/swd/public"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0705"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-5161"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0800"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2842"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3566"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0799"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.1,
"url": "http://www.hp.com/jp/icewall_patchaccess"
},
{
"trust": 0.1,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1789\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:10/openssl-8.4.patch.asc"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/news/secadv_20150611.txt\u003e"
},
{
"trust": 0.1,
"url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-4000\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1790\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:10/openssl-10.1.patch"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/advisories/freebsd-sa-15:10.openssl.asc\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/\u003e."
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1791\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:10/openssl-10.1.patch.asc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:10/openssl-8.4.patch"
},
{
"trust": 0.1,
"url": "https://www.freebsd.org/handbook/makeworld.html\u003e."
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1788\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1792\u003e"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3216"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-1790"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-1791"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-1792"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-8176"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-3216"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-1789"
},
{
"trust": 0.1,
"url": "https://www.hp.com/swpublishing/mtx-b59b11be53744759a650eadeb4"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/sim"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-1789"
},
{
"db": "BID",
"id": "75156"
},
{
"db": "PACKETSTORM",
"id": "169629"
},
{
"db": "PACKETSTORM",
"id": "137294"
},
{
"db": "PACKETSTORM",
"id": "132637"
},
{
"db": "PACKETSTORM",
"id": "132291"
},
{
"db": "PACKETSTORM",
"id": "132288"
},
{
"db": "PACKETSTORM",
"id": "132313"
},
{
"db": "PACKETSTORM",
"id": "136989"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003081"
},
{
"db": "NVD",
"id": "CVE-2015-1789"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULMON",
"id": "CVE-2015-1789",
"ident": null
},
{
"db": "BID",
"id": "75156",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "169629",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "137294",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132637",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132291",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132288",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132313",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "136989",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003081",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2015-1789",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2015-06-12T00:00:00",
"db": "VULMON",
"id": "CVE-2015-1789",
"ident": null
},
{
"date": "2015-06-11T00:00:00",
"db": "BID",
"id": "75156",
"ident": null
},
{
"date": "2015-06-11T12:12:12",
"db": "PACKETSTORM",
"id": "169629",
"ident": null
},
{
"date": "2016-06-02T16:22:00",
"db": "PACKETSTORM",
"id": "137294",
"ident": null
},
{
"date": "2015-07-10T15:43:15",
"db": "PACKETSTORM",
"id": "132637",
"ident": null
},
{
"date": "2015-06-15T15:43:16",
"db": "PACKETSTORM",
"id": "132291",
"ident": null
},
{
"date": "2015-06-12T13:25:28",
"db": "PACKETSTORM",
"id": "132288",
"ident": null
},
{
"date": "2015-06-15T23:37:59",
"db": "PACKETSTORM",
"id": "132313",
"ident": null
},
{
"date": "2016-05-13T16:14:13",
"db": "PACKETSTORM",
"id": "136989",
"ident": null
},
{
"date": "2015-06-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003081",
"ident": null
},
{
"date": "2015-06-12T19:59:02.507000",
"db": "NVD",
"id": "CVE-2015-1789",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2023-02-13T00:00:00",
"db": "VULMON",
"id": "CVE-2015-1789",
"ident": null
},
{
"date": "2017-05-02T01:08:00",
"db": "BID",
"id": "75156",
"ident": null
},
{
"date": "2017-03-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003081",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-1789",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "network",
"sources": [
{
"db": "BID",
"id": "75156"
}
],
"trust": 0.3
},
"title": {
"_id": null,
"data": "OpenSSL of crypto/x509/x509_vfy.c of X509_cmp_time Service disruption in functions (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003081"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "Failure to Handle Exceptional Conditions",
"sources": [
{
"db": "BID",
"id": "75156"
}
],
"trust": 0.3
}
}
VAR-201310-0350
Vulnerability from variot - Updated: 2026-04-10 23:12Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Swing. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the usage of NumberFormatter and RealTimeSequencer. With the usage of these classes, it is possible to disable the security manager and run code as privileged. This allows a malicious applet to execute attacker-supplied code resulting in remote code execution under the context of the current user. The vulnerability can be exploited over multiple protocols. This issue affects the 'Swing' sub-component. In a typical operating environment, these are of low security risk as the runtime is not used on untrusted applets. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201406-32
http://security.gentoo.org/
Severity: High Title: IcedTea JDK: Multiple vulnerabilities Date: June 29, 2014 Bugs: #312297, #330205, #340819, #346799, #352035, #353418, #354231, #355127, #370787, #387637, #404095, #421031, #429522, #433389, #438750, #442478, #457206, #458410, #461714, #466822, #477210, #489570, #508270 ID: 201406-32
Synopsis
Multiple vulnerabilities have been found in the IcedTea JDK, the worst of which could lead to arbitrary code execution.
Background
IcedTea is a distribution of the Java OpenJDK source code built with free build tools.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-java/icedtea-bin < 6.1.13.3 >= 6.1.13.3
Description
Multiple vulnerabilities have been discovered in the IcedTea JDK. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All IcedTea JDK users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-java/icedtea-bin-6.1.13.3"
References
[ 1 ] CVE-2009-3555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3555 [ 2 ] CVE-2010-2548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2548 [ 3 ] CVE-2010-2783 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2783 [ 4 ] CVE-2010-3541 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3541 [ 5 ] CVE-2010-3548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3548 [ 6 ] CVE-2010-3549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3549 [ 7 ] CVE-2010-3551 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3551 [ 8 ] CVE-2010-3553 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3553 [ 9 ] CVE-2010-3554 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3554 [ 10 ] CVE-2010-3557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3557 [ 11 ] CVE-2010-3561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3561 [ 12 ] CVE-2010-3562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3562 [ 13 ] CVE-2010-3564 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3564 [ 14 ] CVE-2010-3565 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3565 [ 15 ] CVE-2010-3566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3566 [ 16 ] CVE-2010-3567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3567 [ 17 ] CVE-2010-3568 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3568 [ 18 ] CVE-2010-3569 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3569 [ 19 ] CVE-2010-3573 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3573 [ 20 ] CVE-2010-3574 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3574 [ 21 ] CVE-2010-3860 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3860 [ 22 ] CVE-2010-4351 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4351 [ 23 ] CVE-2010-4448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4448 [ 24 ] CVE-2010-4450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4450 [ 25 ] CVE-2010-4465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4465 [ 26 ] CVE-2010-4467 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4467 [ 27 ] CVE-2010-4469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4469 [ 28 ] CVE-2010-4470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4470 [ 29 ] CVE-2010-4471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4471 [ 30 ] CVE-2010-4472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4472 [ 31 ] CVE-2010-4476 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4476 [ 32 ] CVE-2011-0025 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0025 [ 33 ] CVE-2011-0706 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0706 [ 34 ] CVE-2011-0815 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0815 [ 35 ] CVE-2011-0822 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0822 [ 36 ] CVE-2011-0862 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0862 [ 37 ] CVE-2011-0864 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0864 [ 38 ] CVE-2011-0865 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0865 [ 39 ] CVE-2011-0868 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0868 [ 40 ] CVE-2011-0869 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0869 [ 41 ] CVE-2011-0870 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0870 [ 42 ] CVE-2011-0871 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0871 [ 43 ] CVE-2011-0872 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0872 [ 44 ] CVE-2011-3389 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3389 [ 45 ] CVE-2011-3521 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3521 [ 46 ] CVE-2011-3544 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3544 [ 47 ] CVE-2011-3547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3547 [ 48 ] CVE-2011-3548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3548 [ 49 ] CVE-2011-3551 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3551 [ 50 ] CVE-2011-3552 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3552 [ 51 ] CVE-2011-3553 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3553 [ 52 ] CVE-2011-3554 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3554 [ 53 ] CVE-2011-3556 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3556 [ 54 ] CVE-2011-3557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3557 [ 55 ] CVE-2011-3558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3558 [ 56 ] CVE-2011-3560 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3560 [ 57 ] CVE-2011-3563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563 [ 58 ] CVE-2011-3571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3571 [ 59 ] CVE-2011-5035 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035 [ 60 ] CVE-2012-0497 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497 [ 61 ] CVE-2012-0501 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501 [ 62 ] CVE-2012-0502 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502 [ 63 ] CVE-2012-0503 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503 [ 64 ] CVE-2012-0505 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505 [ 65 ] CVE-2012-0506 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506 [ 66 ] CVE-2012-0547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547 [ 67 ] CVE-2012-1711 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711 [ 68 ] CVE-2012-1713 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713 [ 69 ] CVE-2012-1716 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716 [ 70 ] CVE-2012-1717 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717 [ 71 ] CVE-2012-1718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718 [ 72 ] CVE-2012-1719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719 [ 73 ] CVE-2012-1723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723 [ 74 ] CVE-2012-1724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724 [ 75 ] CVE-2012-1725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725 [ 76 ] CVE-2012-1726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726 [ 77 ] CVE-2012-3216 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216 [ 78 ] CVE-2012-3422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3422 [ 79 ] CVE-2012-3423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3423 [ 80 ] CVE-2012-4416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416 [ 81 ] CVE-2012-4540 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4540 [ 82 ] CVE-2012-5068 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068 [ 83 ] CVE-2012-5069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069 [ 84 ] CVE-2012-5070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070 [ 85 ] CVE-2012-5071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071 [ 86 ] CVE-2012-5072 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072 [ 87 ] CVE-2012-5073 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073 [ 88 ] CVE-2012-5074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074 [ 89 ] CVE-2012-5075 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075 [ 90 ] CVE-2012-5076 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076 [ 91 ] CVE-2012-5077 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077 [ 92 ] CVE-2012-5081 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081 [ 93 ] CVE-2012-5084 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084 [ 94 ] CVE-2012-5085 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085 [ 95 ] CVE-2012-5086 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086 [ 96 ] CVE-2012-5087 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087 [ 97 ] CVE-2012-5089 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089 [ 98 ] CVE-2012-5979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5979 [ 99 ] CVE-2013-0169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169 [ 100 ] CVE-2013-0401 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401 [ 101 ] CVE-2013-0424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0424 [ 102 ] CVE-2013-0425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0425 [ 103 ] CVE-2013-0426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0426 [ 104 ] CVE-2013-0427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0427 [ 105 ] CVE-2013-0428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0428 [ 106 ] CVE-2013-0429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0429 [ 107 ] CVE-2013-0431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0431 [ 108 ] CVE-2013-0432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0432 [ 109 ] CVE-2013-0433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0433 [ 110 ] CVE-2013-0434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0434 [ 111 ] CVE-2013-0435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0435 [ 112 ] CVE-2013-0440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0440 [ 113 ] CVE-2013-0441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0441 [ 114 ] CVE-2013-0442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0442 [ 115 ] CVE-2013-0443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0443 [ 116 ] CVE-2013-0444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0444 [ 117 ] CVE-2013-0450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0450 [ 118 ] CVE-2013-0809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809 [ 119 ] CVE-2013-1475 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1475 [ 120 ] CVE-2013-1476 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1476 [ 121 ] CVE-2013-1478 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1478 [ 122 ] CVE-2013-1480 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1480 [ 123 ] CVE-2013-1484 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484 [ 124 ] CVE-2013-1485 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485 [ 125 ] CVE-2013-1486 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486 [ 126 ] CVE-2013-1488 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488 [ 127 ] CVE-2013-1493 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493 [ 128 ] CVE-2013-1500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500 [ 129 ] CVE-2013-1518 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518 [ 130 ] CVE-2013-1537 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537 [ 131 ] CVE-2013-1557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557 [ 132 ] CVE-2013-1569 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569 [ 133 ] CVE-2013-1571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571 [ 134 ] CVE-2013-2383 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383 [ 135 ] CVE-2013-2384 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384 [ 136 ] CVE-2013-2407 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407 [ 137 ] CVE-2013-2412 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412 [ 138 ] CVE-2013-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415 [ 139 ] CVE-2013-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417 [ 140 ] CVE-2013-2419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419 [ 141 ] CVE-2013-2420 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420 [ 142 ] CVE-2013-2421 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421 [ 143 ] CVE-2013-2422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422 [ 144 ] CVE-2013-2423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423 [ 145 ] CVE-2013-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424 [ 146 ] CVE-2013-2426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426 [ 147 ] CVE-2013-2429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429 [ 148 ] CVE-2013-2430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430 [ 149 ] CVE-2013-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431 [ 150 ] CVE-2013-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436 [ 151 ] CVE-2013-2443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443 [ 152 ] CVE-2013-2444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444 [ 153 ] CVE-2013-2445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445 [ 154 ] CVE-2013-2446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446 [ 155 ] CVE-2013-2447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447 [ 156 ] CVE-2013-2448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448 [ 157 ] CVE-2013-2449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449 [ 158 ] CVE-2013-2450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450 [ 159 ] CVE-2013-2451 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451 [ 160 ] CVE-2013-2452 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452 [ 161 ] CVE-2013-2453 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453 [ 162 ] CVE-2013-2454 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454 [ 163 ] CVE-2013-2455 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455 [ 164 ] CVE-2013-2456 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456 [ 165 ] CVE-2013-2457 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457 [ 166 ] CVE-2013-2458 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458 [ 167 ] CVE-2013-2459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459 [ 168 ] CVE-2013-2460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460 [ 169 ] CVE-2013-2461 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461 [ 170 ] CVE-2013-2463 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463 [ 171 ] CVE-2013-2465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465 [ 172 ] CVE-2013-2469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469 [ 173 ] CVE-2013-2470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470 [ 174 ] CVE-2013-2471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471 [ 175 ] CVE-2013-2472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472 [ 176 ] CVE-2013-2473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473 [ 177 ] CVE-2013-3829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829 [ 178 ] CVE-2013-4002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4002 [ 179 ] CVE-2013-5772 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772 [ 180 ] CVE-2013-5774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774 [ 181 ] CVE-2013-5778 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778 [ 182 ] CVE-2013-5780 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780 [ 183 ] CVE-2013-5782 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782 [ 184 ] CVE-2013-5783 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783 [ 185 ] CVE-2013-5784 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784 [ 186 ] CVE-2013-5790 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790 [ 187 ] CVE-2013-5797 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797 [ 188 ] CVE-2013-5800 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800 [ 189 ] CVE-2013-5802 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802 [ 190 ] CVE-2013-5803 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803 [ 191 ] CVE-2013-5804 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804 [ 192 ] CVE-2013-5805 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805 [ 193 ] CVE-2013-5806 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806 [ 194 ] CVE-2013-5809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809 [ 195 ] CVE-2013-5814 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814 [ 196 ] CVE-2013-5817 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817 [ 197 ] CVE-2013-5820 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820 [ 198 ] CVE-2013-5823 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823 [ 199 ] CVE-2013-5825 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825 [ 200 ] CVE-2013-5829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829 [ 201 ] CVE-2013-5830 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830 [ 202 ] CVE-2013-5840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840 [ 203 ] CVE-2013-5842 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842 [ 204 ] CVE-2013-5849 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849 [ 205 ] CVE-2013-5850 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850 [ 206 ] CVE-2013-5851 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851 [ 207 ] CVE-2013-6629 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6629 [ 208 ] CVE-2013-6954 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6954 [ 209 ] CVE-2014-0429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0429 [ 210 ] CVE-2014-0446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0446 [ 211 ] CVE-2014-0451 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0451 [ 212 ] CVE-2014-0452 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0452 [ 213 ] CVE-2014-0453 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0453 [ 214 ] CVE-2014-0456 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0456 [ 215 ] CVE-2014-0457 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0457 [ 216 ] CVE-2014-0458 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0458 [ 217 ] CVE-2014-0459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0459 [ 218 ] CVE-2014-0460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0460 [ 219 ] CVE-2014-0461 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0461 [ 220 ] CVE-2014-1876 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1876 [ 221 ] CVE-2014-2397 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2397 [ 222 ] CVE-2014-2398 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2398 [ 223 ] CVE-2014-2403 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2403 [ 224 ] CVE-2014-2412 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2412 [ 225 ] CVE-2014-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2414 [ 226 ] CVE-2014-2421 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2421 [ 227 ] CVE-2014-2423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2423 [ 228 ] CVE-2014-2427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2427
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201406-32.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: java-1.6.0-openjdk security update Advisory ID: RHSA-2013:1505-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-1505.html Issue date: 2013-11-05 CVE Names: CVE-2013-3829 CVE-2013-4002 CVE-2013-5772 CVE-2013-5774 CVE-2013-5778 CVE-2013-5780 CVE-2013-5782 CVE-2013-5783 CVE-2013-5784 CVE-2013-5790 CVE-2013-5797 CVE-2013-5802 CVE-2013-5803 CVE-2013-5804 CVE-2013-5809 CVE-2013-5814 CVE-2013-5817 CVE-2013-5820 CVE-2013-5823 CVE-2013-5825 CVE-2013-5829 CVE-2013-5830 CVE-2013-5840 CVE-2013-5842 CVE-2013-5849 CVE-2013-5850 =====================================================================
- Summary:
Updated java-1.6.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 5 and 6.
The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux (v. 5 server) - i386, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
- Description:
The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit.
Multiple input checking flaws were found in the 2D component native image parsing code. A specially crafted image file could trigger a Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the privileges of the user running the Java Virtual Machine. (CVE-2013-5782)
The class loader did not properly check the package access for non-public proxy classes. (CVE-2013-5830)
Multiple improper permission check issues were discovered in the 2D, CORBA, JNDI, and Libraries components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2013-5829, CVE-2013-5814, CVE-2013-5817, CVE-2013-5842, CVE-2013-5850)
Multiple input checking flaws were discovered in the JPEG image reading and writing code in the 2D component. An untrusted Java application or applet could use these flaws to corrupt the Java Virtual Machine memory and bypass Java sandbox restrictions. (CVE-2013-5809)
The FEATURE_SECURE_PROCESSING setting was not properly honored by the javax.xml.transform package transformers. A remote attacker could use this flaw to supply a crafted XML that would be processed without the intended security restrictions. (CVE-2013-5802)
Multiple errors were discovered in the way the JAXP and Security components processes XML inputs. A remote attacker could create a crafted XML that would cause a Java application to use an excessive amount of CPU and memory when processed. (CVE-2013-5825, CVE-2013-4002, CVE-2013-5823)
Multiple improper permission check issues were discovered in the Libraries, Swing, JAX-WS, JGSS, AWT, Beans, and Scripting components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2013-3829, CVE-2013-5840, CVE-2013-5774, CVE-2013-5783, CVE-2013-5820, CVE-2013-5849, CVE-2013-5790, CVE-2013-5784)
It was discovered that the 2D component image library did not properly check bounds when performing image conversions. An untrusted Java application or applet could use this flaw to disclose portions of the Java Virtual Machine memory. (CVE-2013-5778)
Multiple input sanitization flaws were discovered in javadoc. When javadoc documentation was generated from an untrusted Java source code and hosted on a domain not controlled by the code author, these issues could make it easier to perform cross-site scripting attacks. (CVE-2013-5804, CVE-2013-5797)
Various OpenJDK classes that represent cryptographic keys could leak private key information by including sensitive data in strings returned by toString() methods. These flaws could possibly lead to an unexpected exposure of sensitive key data. (CVE-2013-5780)
The Java Heap Analysis Tool (jhat) failed to properly escape all data added into the HTML pages it generated. Crafted content in the memory of a Java program analyzed using jhat could possibly be used to conduct cross-site scripting attacks. (CVE-2013-5772)
The Kerberos implementation in OpenJDK did not properly parse KDC responses. A malformed packet could cause a Java application using JGSS to exit. (CVE-2013-5803)
All users of java-1.6.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258
- Bugs fixed (http://bugzilla.redhat.com/):
1018713 - CVE-2013-5803 OpenJDK: insufficient checks of KDC replies (JGSS, 8014341) 1018717 - CVE-2013-5772 OpenJDK: insufficient html escaping in jhat (jhat, 8011081) 1018720 - CVE-2013-5797 OpenJDK: insufficient escaping of window title string (Javadoc, 8016675) 1018727 - CVE-2013-5784 OpenJDK: insufficient InterfaceImplementor security checks (Scripting, 8017299) 1018736 - CVE-2013-5790 OpenJDK: insufficient security checks (Beans, 8012071) 1018750 - CVE-2013-5849 OpenJDK: insufficient DataFlavor security checks (AWT, 8012277) 1018785 - CVE-2013-5780 OpenJDK: key data leak via toString() methods (Libraries, 8011071) 1018831 - CVE-2013-5840 OpenJDK: getDeclaringClass() information leak (Libraries, 8014349) 1018972 - CVE-2013-5820 OpenJDK: insufficient security checks (JAXWS, 8017505) 1018984 - CVE-2013-5778 OpenJDK: image conversion out of bounds read (2D, 8014102) 1019108 - CVE-2013-5782 OpenJDK: Incorrect awt_getPixelByte/awt_getPixelShort/awt_setPixelByte/awt_setPixelShort image raster checks (2D, 8014093) 1019110 - CVE-2013-5830 OpenJDK: checkPackageAccess missing security check (Libraries, 8017291) 1019113 - CVE-2013-5809 OpenJDK: JPEGImageReader and JPEGImageWriter missing band size checks (2D, 8013510) 1019115 - CVE-2013-5829 OpenJDK: Java2d Disposer security bypass (2D, 8017287) 1019117 - CVE-2013-5814 OpenJDK: RMIConnection stub missing permission check (CORBA, 8011157) 1019118 - CVE-2013-5817 OpenJDK: VersionHelper12 does not honor modifyThreadGroup restriction (JNDI, 8013739) 1019123 - CVE-2013-5842 OpenJDK: ObjectInputStream/ObjectOutputStream missing checks (Libraries, 8014987) 1019127 - CVE-2013-5850 OpenJDK: Missing CORBA security checks (Libraries, 8017196) 1019130 - CVE-2013-5802 OpenJDK: javax.xml.transform.TransformerFactory does not properly honor XMLConstants.FEATURE_SECURE_PROCESSING (JAXP, 8012425) 1019131 - CVE-2013-5804 OpenJDK: javac does not ignore certain ignorable characters (Javadoc, 8016653) 1019133 - CVE-2013-3829 OpenJDK: java.util.TimeZone does not restrict setting of default time zone (Libraries, 8001029) 1019137 - CVE-2013-5783 OpenJDK: JTable not properly performing certain access checks (Swing, 8013744) 1019139 - CVE-2013-5825 OpenJDK: XML parsing Denial of Service (JAXP, 8014530) 1019145 - CVE-2013-5823 OpenJDK: com.sun.org.apache.xml.internal.security.utils.UnsyncByteArrayOutputStream Denial of Service (Security, 8021290) 1019147 - CVE-2013-5774 OpenJDK: Inet6Address class IPv6 address processing errors (Libraries, 8015743) 1019176 - CVE-2013-4002 OpenJDK: XML parsing Denial of Service (JAXP, 8017298)
- Package List:
Red Hat Enterprise Linux Desktop (v. 5 client):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.42.1.11.14.el5_10.src.rpm
i386: java-1.6.0-openjdk-1.6.0.0-1.42.1.11.14.el5_10.i386.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.42.1.11.14.el5_10.i386.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.42.1.11.14.el5_10.i386.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.42.1.11.14.el5_10.i386.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.42.1.11.14.el5_10.i386.rpm java-1.6.0-openjdk-src-1.6.0.0-1.42.1.11.14.el5_10.i386.rpm
x86_64: java-1.6.0-openjdk-1.6.0.0-1.42.1.11.14.el5_10.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.42.1.11.14.el5_10.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.42.1.11.14.el5_10.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.42.1.11.14.el5_10.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.42.1.11.14.el5_10.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-1.42.1.11.14.el5_10.x86_64.rpm
Red Hat Enterprise Linux (v. 5 server):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.42.1.11.14.el5_10.src.rpm
i386: java-1.6.0-openjdk-1.6.0.0-1.42.1.11.14.el5_10.i386.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.42.1.11.14.el5_10.i386.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.42.1.11.14.el5_10.i386.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.42.1.11.14.el5_10.i386.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.42.1.11.14.el5_10.i386.rpm java-1.6.0-openjdk-src-1.6.0.0-1.42.1.11.14.el5_10.i386.rpm
x86_64: java-1.6.0-openjdk-1.6.0.0-1.42.1.11.14.el5_10.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.42.1.11.14.el5_10.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.42.1.11.14.el5_10.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.42.1.11.14.el5_10.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.42.1.11.14.el5_10.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-1.42.1.11.14.el5_10.x86_64.rpm
Red Hat Enterprise Linux Desktop (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.65.1.11.14.el6_4.src.rpm
i386: java-1.6.0-openjdk-1.6.0.0-1.65.1.11.14.el6_4.i686.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.65.1.11.14.el6_4.i686.rpm
x86_64: java-1.6.0-openjdk-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.65.1.11.14.el6_4.src.rpm
i386: java-1.6.0-openjdk-debuginfo-1.6.0.0-1.65.1.11.14.el6_4.i686.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.65.1.11.14.el6_4.i686.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.65.1.11.14.el6_4.i686.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.65.1.11.14.el6_4.i686.rpm java-1.6.0-openjdk-src-1.6.0.0-1.65.1.11.14.el6_4.i686.rpm
x86_64: java-1.6.0-openjdk-debuginfo-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.65.1.11.14.el6_4.src.rpm
x86_64: java-1.6.0-openjdk-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.65.1.11.14.el6_4.src.rpm
x86_64: java-1.6.0-openjdk-debuginfo-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.65.1.11.14.el6_4.src.rpm
i386: java-1.6.0-openjdk-1.6.0.0-1.65.1.11.14.el6_4.i686.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.65.1.11.14.el6_4.i686.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.65.1.11.14.el6_4.i686.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.65.1.11.14.el6_4.i686.rpm
x86_64: java-1.6.0-openjdk-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.65.1.11.14.el6_4.src.rpm
i386: java-1.6.0-openjdk-debuginfo-1.6.0.0-1.65.1.11.14.el6_4.i686.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.65.1.11.14.el6_4.i686.rpm java-1.6.0-openjdk-src-1.6.0.0-1.65.1.11.14.el6_4.i686.rpm
x86_64: java-1.6.0-openjdk-debuginfo-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.65.1.11.14.el6_4.src.rpm
i386: java-1.6.0-openjdk-1.6.0.0-1.65.1.11.14.el6_4.i686.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.65.1.11.14.el6_4.i686.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.65.1.11.14.el6_4.i686.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.65.1.11.14.el6_4.i686.rpm
x86_64: java-1.6.0-openjdk-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.65.1.11.14.el6_4.src.rpm
i386: java-1.6.0-openjdk-debuginfo-1.6.0.0-1.65.1.11.14.el6_4.i686.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.65.1.11.14.el6_4.i686.rpm java-1.6.0-openjdk-src-1.6.0.0-1.65.1.11.14.el6_4.i686.rpm
x86_64: java-1.6.0-openjdk-debuginfo-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2013-3829.html https://www.redhat.com/security/data/cve/CVE-2013-4002.html https://www.redhat.com/security/data/cve/CVE-2013-5772.html https://www.redhat.com/security/data/cve/CVE-2013-5774.html https://www.redhat.com/security/data/cve/CVE-2013-5778.html https://www.redhat.com/security/data/cve/CVE-2013-5780.html https://www.redhat.com/security/data/cve/CVE-2013-5782.html https://www.redhat.com/security/data/cve/CVE-2013-5783.html https://www.redhat.com/security/data/cve/CVE-2013-5784.html https://www.redhat.com/security/data/cve/CVE-2013-5790.html https://www.redhat.com/security/data/cve/CVE-2013-5797.html https://www.redhat.com/security/data/cve/CVE-2013-5802.html https://www.redhat.com/security/data/cve/CVE-2013-5803.html https://www.redhat.com/security/data/cve/CVE-2013-5804.html https://www.redhat.com/security/data/cve/CVE-2013-5809.html https://www.redhat.com/security/data/cve/CVE-2013-5814.html https://www.redhat.com/security/data/cve/CVE-2013-5817.html https://www.redhat.com/security/data/cve/CVE-2013-5820.html https://www.redhat.com/security/data/cve/CVE-2013-5823.html https://www.redhat.com/security/data/cve/CVE-2013-5825.html https://www.redhat.com/security/data/cve/CVE-2013-5829.html https://www.redhat.com/security/data/cve/CVE-2013-5830.html https://www.redhat.com/security/data/cve/CVE-2013-5840.html https://www.redhat.com/security/data/cve/CVE-2013-5842.html https://www.redhat.com/security/data/cve/CVE-2013-5849.html https://www.redhat.com/security/data/cve/CVE-2013-5850.html https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFSeT/AXlSAg2UNWIIRAvBKAJ9vGve+1MyOR8lyLQffhBtOlcmxrgCfVKad ebAHvPvYFmwsG11PQeLu+bI= =+ckf -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . ============================================================================ Ubuntu Security Notice USN-2033-1 November 21, 2013
openjdk-6 vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS
Summary:
Several security issues were fixed in OpenJDK 6. An attacker could exploit these to expose sensitive data over the network. (CVE-2013-3829, CVE-2013-5783, CVE-2013-5804)
Several vulnerabilities were discovered in the OpenJDK JRE related to availability. An attacker could exploit these to cause a denial of service. (CVE-2013-4002, CVE-2013-5803, CVE-2013-5823, CVE-2013-5825)
Several vulnerabilities were discovered in the OpenJDK JRE related to data integrity. An attacker could exploit these to expose sensitive data over the network. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2013-5782, CVE-2013-5802, CVE-2013-5809, CVE-2013-5829, CVE-2013-5814, CVE-2013-5817, CVE-2013-5830, CVE-2013-5842, CVE-2013-5850)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 LTS: icedtea-6-jre-cacao 6b27-1.12.6-1ubuntu0.12.04.4 icedtea-6-jre-jamvm 6b27-1.12.6-1ubuntu0.12.04.4 openjdk-6-jre 6b27-1.12.6-1ubuntu0.12.04.4 openjdk-6-jre-headless 6b27-1.12.6-1ubuntu0.12.04.4 openjdk-6-jre-lib 6b27-1.12.6-1ubuntu0.12.04.4 openjdk-6-jre-zero 6b27-1.12.6-1ubuntu0.12.04.4
Ubuntu 10.04 LTS: icedtea-6-jre-cacao 6b27-1.12.6-1ubuntu0.10.04.4 openjdk-6-jre 6b27-1.12.6-1ubuntu0.10.04.4 openjdk-6-jre-headless 6b27-1.12.6-1ubuntu0.10.04.4 openjdk-6-jre-lib 6b27-1.12.6-1ubuntu0.10.04.4 openjdk-6-jre-zero 6b27-1.12.6-1ubuntu0.10.04.4
This update uses a new upstream release, which includes additional bug fixes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04031212
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04031212 Version: 1
HPSBUX02944 rev.1 - HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2013-12-04 Last Updated: 2013-12-04
Potential Security Impact: Remote unauthorized access, disclosure of information, and other vulnerabilities
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other exploits.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.23, and B.11.31 running HP JDK and JRE v7.0.07 and earlier.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2013-3829 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2013-4002 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1 CVE-2013-5772 (AV:N/AC:H/Au:N/C:N/I:P/A:N) 2.6 CVE-2013-5774 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-5775 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2013-5776 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-5777 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2013-5778 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-5780 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2013-5782 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-5783 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2013-5784 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2013-5787 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-5789 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-5790 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2013-5797 (AV:N/AC:M/Au:S/C:N/I:P/A:N) 3.5 CVE-2013-5801 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-5802 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2013-5803 (AV:N/AC:H/Au:N/C:N/I:N/A:P) 2.6 CVE-2013-5804 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2013-5805 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2013-5806 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2013-5809 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-5810 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2013-5812 (AV:N/AC:L/Au:N/C:P/I:N/A:P) 6.4 CVE-2013-5814 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-5817 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-5818 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-5819 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-5820 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-5823 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2013-5824 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-5825 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2013-5829 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-5830 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-5831 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-5832 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2013-5838 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2013-5840 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-5842 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-5843 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-5844 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2013-5846 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2013-5848 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-5849 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2013-5850 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2013-5852 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2013-5854 (AV:N/AC:H/Au:N/C:P/I:N/A:N) 2.6 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following Java version upgrade to resolve these vulnerabilities.
The upgrade is available from the following location: http://www.hp.com/java
OS Version Release Version
HP-UX B.11.23, B.11.31 JDK and JRE v7.0.08 or subsequent
MANUAL ACTIONS: Yes - Update For Java v7.0 update to Java v7.0.08 or subsequent
PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
HP-UX B.11.23 HP-UX B.11.31 =========== Jdk70.JDK70-COM Jdk70.JDK70-DEMO Jdk70.JDK70-IPF32 Jdk70.JDK70-IPF64 Jre70.JRE70-COM Jre70.JRE70-IPF32 Jre70.JRE70-IPF32-HS Jre70.JRE70-IPF64 Jre70.JRE70-IPF64-HS action: install revision 1.7.0.08.00 or subsequent
END AFFECTED VERSIONS
HISTORY Version:1 (rev.1) - 4 December 2013 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2013 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. (CVE-2013-5803)
Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "ucosminexus client",
"scope": "eq",
"trust": 1.5,
"vendor": "hitachi",
"version": "06-70"
},
{
"_id": null,
"model": "cosminexus primary server base",
"scope": "eq",
"trust": 1.5,
"vendor": "hitachi",
"version": "06-50"
},
{
"_id": null,
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 1.5,
"vendor": "hitachi",
"version": "06-70"
},
{
"_id": null,
"model": "cosminexus developer professional version",
"scope": "eq",
"trust": 1.5,
"vendor": "hitachi",
"version": "606-50"
},
{
"_id": null,
"model": "cosminexus application server standard version",
"scope": "eq",
"trust": 1.5,
"vendor": "hitachi",
"version": "606-50"
},
{
"_id": null,
"model": "cosminexus client version",
"scope": "eq",
"trust": 1.5,
"vendor": "hitachi",
"version": "606-50"
},
{
"_id": null,
"model": "cosminexus developer light version",
"scope": "eq",
"trust": 1.5,
"vendor": "hitachi",
"version": "606-50"
},
{
"_id": null,
"model": "cosminexus application server enterprise version",
"scope": "eq",
"trust": 1.5,
"vendor": "hitachi",
"version": "606-50"
},
{
"_id": null,
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 1.5,
"vendor": "hitachi",
"version": "06-70"
},
{
"_id": null,
"model": "cosminexus developer standard version",
"scope": "eq",
"trust": 1.5,
"vendor": "hitachi",
"version": "606-50"
},
{
"_id": null,
"model": "ucosminexus developer standard",
"scope": "eq",
"trust": 1.5,
"vendor": "hitachi",
"version": "06-70"
},
{
"_id": null,
"model": "cosminexus developer standard version",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "606-00"
},
{
"_id": null,
"model": "cosminexus primary server base",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "06-00"
},
{
"_id": null,
"model": "cosminexus application server enterprise version",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "606-00"
},
{
"_id": null,
"model": "cosminexus application server version",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "505-05"
},
{
"_id": null,
"model": "cosminexus developer professional version",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "606-00"
},
{
"_id": null,
"model": "cosminexus application server standard version",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "606-00"
},
{
"_id": null,
"model": "cosminexus developer version",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "505-05"
},
{
"_id": null,
"model": "cosminexus developer light version",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "606-00"
},
{
"_id": null,
"model": "cosminexus studio version",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "505-05"
},
{
"_id": null,
"model": "cosminexus client version",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "606-00"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.6.0"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1.6.0"
},
{
"_id": null,
"model": "jdk",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.5.0"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.5.0"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "jdk",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1.5.0"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.6.0"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.6.0"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.6.0"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1.5.0"
},
{
"_id": null,
"model": "jdk",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1.6.0"
},
{
"_id": null,
"model": "jre 17",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 1.7.0 8",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "cosminexus developer light version 06-00-/e",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "jdk 1.7.0 21",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 32",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 39",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 16",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 1.6.0 35",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "07-00"
},
{
"_id": null,
"model": "cosminexus developer version",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "505-00"
},
{
"_id": null,
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 1.6.0 03",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 2",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "cosminexus primary server base 06-00-/e",
"scope": null,
"trust": 0.9,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus developer standard )",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "06-70"
},
{
"_id": null,
"model": "jdk 1.5.0 45",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 1.6.0 35",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 11",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 39",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 1.6.0 23",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 60",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 35",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 25",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 32",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "ucosminexus client 06-70-/f",
"scope": null,
"trust": 0.9,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "jre 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 1.5.0 29",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 28",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 11",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 1.5.0 17",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 7",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "ucosminexus client",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "07-00"
},
{
"_id": null,
"model": "ucosminexus developer standard 06-70-/f",
"scope": null,
"trust": 0.9,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 27",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 60",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 03",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 4",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 1.6.0 28",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 26",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 10",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server smart edition",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "07-00"
},
{
"_id": null,
"model": "jre 1.7.0 10",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 45",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "ucosminexus application server express",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "07-00"
},
{
"_id": null,
"model": "jdk 1.5.0 36",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 1.5.0 23",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 1.5.0 26",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 40",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.7"
},
{
"_id": null,
"model": "jre 1.5.0 29",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 43",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 17",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 31",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 16",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 1.5.0 20",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 30",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 7",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 18",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "cosminexus application server standard version 06-00-/e",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "jdk 0 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 1.5.0 10",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 24",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 27",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 1.5.0 33",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 14",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server standard )",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "06-70"
},
{
"_id": null,
"model": "jdk 1.5.0 24",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 32",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 2",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 25",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 24",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk .0 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 1.7.0 13",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 41",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 28",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 13",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 15",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 9",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 21",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 39",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 15",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 1.6.0 18",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 22",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 32",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 31",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 8",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 21",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 38",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 37",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "ucosminexus client )",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "06-70"
},
{
"_id": null,
"model": "jre 1.6.0 27",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 15",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "cosminexus developer standard version 06-00-/e",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "jre 1.6.0 02",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 30",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 28",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 45",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "cosminexus application server version",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "505-00"
},
{
"_id": null,
"model": "jre 15",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 17",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "cosminexus application server enterprise version 06-00-/e",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "jdk 1.6.0 38",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 51",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 1.6.0 38",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server standard 06-70-/f",
"scope": null,
"trust": 0.9,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 26",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 40",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 26",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 43",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 30",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server standard-r",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "07-00"
},
{
"_id": null,
"model": "jdk 1.5.0 39",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 17",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 18",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 0.9,
"vendor": "oracle",
"version": "1.7"
},
{
"_id": null,
"model": "jre 1.6.0 30",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 02",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 11",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 01",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "ucosminexus application server enterprise )",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "06-70"
},
{
"_id": null,
"model": "jdk 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 1.5.0 12",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 36",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 1.7.0 13",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 13",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 25",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 22",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 1.5.0 35",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 23",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server light",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "07-00"
},
{
"_id": null,
"model": "jdk 1.6.0 20",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 51",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 27",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 12",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 1.5.0 38",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 11",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 4",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 19",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "cosminexus client version 06-00-/e",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus application server enterprise 06-70-/f",
"scope": null,
"trust": 0.9,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 20",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 23",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "cosminexus developer professional version 06-00-/e",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "jdk 1.6.0 22",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 1.6.0 25",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 9",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 18",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 19",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 14",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 33",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 22",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "07-00"
},
{
"_id": null,
"model": "lotus expeditor",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "6.2.x"
},
{
"_id": null,
"model": "sdk,",
"scope": "lt",
"trust": 0.8,
"vendor": "ibm",
"version": "java 2 technology edition 5.0 sr 16 fp 4"
},
{
"_id": null,
"model": "sdk,",
"scope": "lt",
"trust": 0.8,
"vendor": "ibm",
"version": "java technology edition 6 sr 15"
},
{
"_id": null,
"model": "sdk,",
"scope": "lt",
"trust": 0.8,
"vendor": "ibm",
"version": "java technology edition 6.0.1 sr 7"
},
{
"_id": null,
"model": "sdk,",
"scope": "lt",
"trust": 0.8,
"vendor": "ibm",
"version": "java technology edition 7 sr 6"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6.8"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6.8"
},
{
"_id": null,
"model": "jdk",
"scope": "lte",
"trust": 0.8,
"vendor": "oracle",
"version": "5.0 update 51"
},
{
"_id": null,
"model": "jdk",
"scope": "lte",
"trust": 0.8,
"vendor": "oracle",
"version": "6 update 60"
},
{
"_id": null,
"model": "jdk",
"scope": "lte",
"trust": 0.8,
"vendor": "oracle",
"version": "7 update 40"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 0.8,
"vendor": "oracle",
"version": "5.0 update 51"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 0.8,
"vendor": "oracle",
"version": "6 update 60"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 0.8,
"vendor": "oracle",
"version": "7 update 40"
},
{
"_id": null,
"model": "java se",
"scope": "lte",
"trust": 0.8,
"vendor": "oracle",
"version": "embedded 7 update 40"
},
{
"_id": null,
"model": "jdk",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "5.0 update 33"
},
{
"_id": null,
"model": "jdk",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "6 update 21"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "5.0 update 33"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "6 update 21"
},
{
"_id": null,
"model": "cosminexus application server enterprise",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"_id": null,
"model": "cosminexus application server standard",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"_id": null,
"model": "cosminexus application server version 5",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus client",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"_id": null,
"model": "cosminexus developer light version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus developer professional version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus developer standard version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus developer version 5",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus developer\u0027s kit for java",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus primary server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "base"
},
{
"_id": null,
"model": "cosminexus studio",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 5"
},
{
"_id": null,
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "-r"
},
{
"_id": null,
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "express"
},
{
"_id": null,
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "light"
},
{
"_id": null,
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "standard-r"
},
{
"_id": null,
"model": "ucosminexus application server enterprise",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server smart edition",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server standard",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus client",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"_id": null,
"model": "ucosminexus client",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "for plug-in"
},
{
"_id": null,
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "01"
},
{
"_id": null,
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional"
},
{
"_id": null,
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional for plug-in"
},
{
"_id": null,
"model": "ucosminexus developer light",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus developer standard",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus operator",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus primary server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "base"
},
{
"_id": null,
"model": "ucosminexus server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "standard-r"
},
{
"_id": null,
"model": "ucosminexus service architect",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"_id": null,
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- messaging"
},
{
"_id": null,
"model": "java runtime",
"scope": null,
"trust": 0.7,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "ucosminexus client",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "06-71"
},
{
"_id": null,
"model": "cosminexus developer light version",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-51"
},
{
"_id": null,
"model": "ucosminexus client )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "08-50"
},
{
"_id": null,
"model": "cosminexus developer professional version 06-00-/i",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "jdk 1.7.0 17",
"scope": null,
"trust": 0.6,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "cosminexus developer light version )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-50"
},
{
"_id": null,
"model": "cosminexus developer professional version )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-50"
},
{
"_id": null,
"model": "cosminexus developer standard version 06-50-/c",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "jdk 01-b06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "cosminexus primary server base",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "06-51"
},
{
"_id": null,
"model": "cosminexus application server enterprise version",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-02"
},
{
"_id": null,
"model": "cosminexus client version 06-00-/i",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "cosminexus application server enterprise version )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-00"
},
{
"_id": null,
"model": "cosminexus developer professional version",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-02"
},
{
"_id": null,
"model": "cosminexus application server enterprise version 06-00-/i",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "jre 1.5.0.0 09",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "07-00"
},
{
"_id": null,
"model": "cosminexus developer standard version 06-50-/f",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "cosminexus application server standard version 06-00-/i",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "cosminexus client version )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-50"
},
{
"_id": null,
"model": "cosminexus studio version",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "505-00"
},
{
"_id": null,
"model": "cosminexus studio version 05-05-/i",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "5"
},
{
"_id": null,
"model": "cosminexus primary server base )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "06-50"
},
{
"_id": null,
"model": "cosminexus application server standard version",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-51"
},
{
"_id": null,
"model": "cosminexus application server enterprise version 06-50-/c",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus application server standard-r",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "09-50"
},
{
"_id": null,
"model": "jre 1.7.0 21",
"scope": null,
"trust": 0.6,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk .0 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "cosminexus developer standard version )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-50"
},
{
"_id": null,
"model": "ucosminexus application server express",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "09-50"
},
{
"_id": null,
"model": "cosminexus application server enterprise version 06-50-/f",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "cosminexus developer light version )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-00"
},
{
"_id": null,
"model": "ucosminexus service architect",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "09-50"
},
{
"_id": null,
"model": "jdk 1.5.0 41",
"scope": null,
"trust": 0.6,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "cosminexus primary server base 06-00-/i",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus client version 06-50-/c",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "cosminexus application server standard version 06-50-/f",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "cosminexus developer professional version",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-51"
},
{
"_id": null,
"model": "ucosminexus application server standard-r )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "08-50"
},
{
"_id": null,
"model": "jdk 1.5.0.0 08",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 12",
"scope": null,
"trust": 0.6,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "cosminexus application server standard version 06-50-/c",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "06-71"
},
{
"_id": null,
"model": "cosminexus application server enterprise version )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-50"
},
{
"_id": null,
"model": "cosminexus developer standard version",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-51"
},
{
"_id": null,
"model": "cosminexus client version 06-50-/f",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus application server express )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "08-50"
},
{
"_id": null,
"model": "cosminexus application server enterprise version",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-51"
},
{
"_id": null,
"model": "cosminexus developer standard version )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-00"
},
{
"_id": null,
"model": "cosminexus primary server base )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "06-00"
},
{
"_id": null,
"model": "cosminexus application server version 05-05-/i",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "5"
},
{
"_id": null,
"model": "jdk .0 03",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 1.5.0 12",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "cosminexus application server standard version )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-50"
},
{
"_id": null,
"model": "cosminexus developer light version 06-50-/c",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus primary server base",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "09-50"
},
{
"_id": null,
"model": "cosminexus client version",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-51"
},
{
"_id": null,
"model": "jre 1.6.0 2",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "cosminexus primary server base 06-50-/c",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "jdk 07-b03",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "06-71"
},
{
"_id": null,
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "09-50"
},
{
"_id": null,
"model": "cosminexus client version",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-02"
},
{
"_id": null,
"model": "cosminexus developer standard version",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-02"
},
{
"_id": null,
"model": "cosminexus primary server base 06-50-/f",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0.0 08",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 45",
"scope": null,
"trust": 0.6,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0.0 12",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "cosminexus developer professional version 06-50-/c",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "cosminexus developer professional version 06-50-/f",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "cosminexus developer professional version )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-00"
},
{
"_id": null,
"model": "cosminexus application server standard version )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-00"
},
{
"_id": null,
"model": "ucosminexus client",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "09-50"
},
{
"_id": null,
"model": "cosminexus developer version 05-05-/i",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "5"
},
{
"_id": null,
"model": "cosminexus developer light version",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-02"
},
{
"_id": null,
"model": "cosminexus client version )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-00"
},
{
"_id": null,
"model": "ucosminexus application server light )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "08-50"
},
{
"_id": null,
"model": "cosminexus primary server base",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "06-02"
},
{
"_id": null,
"model": "jdk 1.5.0.0 09",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "ucosminexus developer standard",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "06-71"
},
{
"_id": null,
"model": "cosminexus developer standard version 06-00-/i",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "cosminexus application server standard version",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-02"
},
{
"_id": null,
"model": "jdk 1.5.0.0 11",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 11-b03",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "cosminexus developer light version 06-00-/i",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "cosminexus developer light version 06-50-/f",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus application server light",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "09-50"
},
{
"_id": null,
"model": "ucosminexus application server enterprise )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "08-50"
},
{
"_id": null,
"model": "jre 1.5.0.0 07",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 01",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 20",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server light (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-00"
},
{
"_id": null,
"model": "cosminexus application server enterprise version 06-51-/b",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus application server standard )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "cosminexus application server standard version 06-51-/n",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus application server light )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.4"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2.0"
},
{
"_id": null,
"model": "cosminexus developer standard version 06-51-/n",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.47"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2.6"
},
{
"_id": null,
"model": "tivoli endpoint manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1"
},
{
"_id": null,
"model": "cosminexus developer standard version 06-51-/b",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.32"
},
{
"_id": null,
"model": "tivoli endpoint manager for remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.1"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.43"
},
{
"_id": null,
"model": "linux enterprise server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "cosminexus application server standard version 06-02-/g",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-72"
},
{
"_id": null,
"model": "cosminexus developer standard version 06-02-/g",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "tivoli policy driven software distribution",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.4"
},
{
"_id": null,
"model": "ucosminexus client",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.4"
},
{
"_id": null,
"model": "ucosminexus service platform )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-50"
},
{
"_id": null,
"model": "cosminexus application server enterprise version 06-51-/e",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "lotus notes fp5",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "ucosminexus application server enterprise 06-71-/m",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.14"
},
{
"_id": null,
"model": "jdk 1.5.0 11",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "ucosminexus developer standard 06-71-/i",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus developer light version )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "606-51"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2.4"
},
{
"_id": null,
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "ucosminexus application server standard )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-50"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2.3"
},
{
"_id": null,
"model": "network satellite server (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6)5.4"
},
{
"_id": null,
"model": "jdk 1.5.0.0 06",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1.4"
},
{
"_id": null,
"model": "cosminexus application server version 05-00-/e",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "56001"
},
{
"_id": null,
"model": "cosminexus client version 06-02-/f",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2"
},
{
"_id": null,
"model": "ucosminexus application server enterprise )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"_id": null,
"model": "cosminexus application server enterprise version 06-02-/d",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "ucosminexus application server enterprise )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-20"
},
{
"_id": null,
"model": "java sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6"
},
{
"_id": null,
"model": "cosminexus developer version 05-05-/o",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"_id": null,
"model": "enterprise linux hpc node optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "lotus domino fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.35"
},
{
"_id": null,
"model": "ucosminexus developer standard 06-71-/m",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 11-b03",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2"
},
{
"_id": null,
"model": "cosminexus client version )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "606-51"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2.5"
},
{
"_id": null,
"model": "cosminexus developer professional version 06-00-/b",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "vcenter server update1",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.4"
},
{
"_id": null,
"model": "powersc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "cosminexus developer light version 06-02-/d",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "cosminexus developer standard version 06-02-/f",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "update manager update",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.51"
},
{
"_id": null,
"model": "ucosminexus service platform )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"_id": null,
"model": "cosminexus developer light version 06-50-/e",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus service architect",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"_id": null,
"model": "tivoli storage productivity center fp3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2"
},
{
"_id": null,
"model": "ucosminexus client 06-70-/p",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6.5"
},
{
"_id": null,
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"_id": null,
"model": "cosminexus primary server base )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-02"
},
{
"_id": null,
"model": "linux enterprise server sp4 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.3"
},
{
"_id": null,
"model": "lotus domino fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.33"
},
{
"_id": null,
"model": "ucosminexus application server standard 06-70-/p",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server light )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-50"
},
{
"_id": null,
"model": "ucosminexus developer standard 06-70-/e",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server standard-r",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"_id": null,
"model": "cosminexus primary server base 06-51-/e",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus application server version 05-00-/i",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5"
},
{
"_id": null,
"model": "ucosminexus client 06-70-/e",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 08",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "cosminexus developer light version 06-51-/b",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus application server express",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"_id": null,
"model": "ucosminexus application server enterprise 06-70-/a (windows(ip",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus developer standard version )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "606-51"
},
{
"_id": null,
"model": "cosminexus application server enterprise version 06-50-/i",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "cosminexus application server standard version 06-02-/f",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus application server standard-r )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "56002"
},
{
"_id": null,
"model": "ucosminexus application server smart edition )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-20"
},
{
"_id": null,
"model": "ucosminexus application server express )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"_id": null,
"model": "cosminexus developer standard version 06-00-/b",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.24"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.5"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.2"
},
{
"_id": null,
"model": "ucosminexus application server enterprise 06-70-/e",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "lotus domino 8.5.3fp1",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "ucosminexus service architect",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"_id": null,
"model": "lotus notes fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2"
},
{
"_id": null,
"model": "cosminexus application server version",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "505-01"
},
{
"_id": null,
"model": "linux enterprise server sp2 for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "lotus domino fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.12"
},
{
"_id": null,
"model": "ucosminexus developer professional",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"_id": null,
"model": "trio tview software",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "3.27.0"
},
{
"_id": null,
"model": "mac os update",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.617"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7"
},
{
"_id": null,
"model": "jdk 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "cosminexus developer version 05-00-/e",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5"
},
{
"_id": null,
"model": "lotus domino fp3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2"
},
{
"_id": null,
"model": "ucosminexus operator",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"_id": null,
"model": "linux enterprise software development kit sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "ucosminexus application server enterprise (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"_id": null,
"model": "cosminexus client version 06-50-/e",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.1"
},
{
"_id": null,
"model": "tivoli endpoint manager for remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.2.0"
},
{
"_id": null,
"model": "lotus domino fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2"
},
{
"_id": null,
"model": "enterprise linux server eus 6.5.z",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1"
},
{
"_id": null,
"model": "ucosminexus developer standard 06-70-/q",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "lotus notes fp6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2"
},
{
"_id": null,
"model": "update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"_id": null,
"model": "ucosminexus application server standard-r (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"_id": null,
"model": "lotus expeditor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.2"
},
{
"_id": null,
"model": "ucosminexus application server light",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"_id": null,
"model": "network satellite server (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5)5.4"
},
{
"_id": null,
"model": "ucosminexus application server standard 06-70-/q",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "linux enterprise server sp3 for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "ucosminexus application server light",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"_id": null,
"model": "cosminexus developer light version 06-51-/n",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus application server standard 06-70-/e",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "java sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7"
},
{
"_id": null,
"model": "cosminexus developer light version 06-02-/g",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "os/400 v6r1m0",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0.0 04",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "ucosminexus developer professional",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-71"
},
{
"_id": null,
"model": "cosminexus developer professional version )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "606-51"
},
{
"_id": null,
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"_id": null,
"model": "ucosminexus application server standard )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-20"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.3.6"
},
{
"_id": null,
"model": "cosminexus primary server base 06-00-/b",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "linux enterprise server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-50"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.3.5"
},
{
"_id": null,
"model": "ucosminexus application server standard-r",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1.0"
},
{
"_id": null,
"model": "ucosminexus client 06-70-/q",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"_id": null,
"model": "jdk 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "cosminexus primary server base )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-51"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.2"
},
{
"_id": null,
"model": "ucosminexus application server smart edition )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2.3"
},
{
"_id": null,
"model": "ucosminexus application server standard 06-70-/a (windows(ip",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.3"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.3"
},
{
"_id": null,
"model": "cosminexus application server version 05-00-/s",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5"
},
{
"_id": null,
"model": "cosminexus application server standard version )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "606-51"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"_id": null,
"model": "cosminexus primary server base 06-02-/g",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2.2"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2.1"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2.4"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus application server enterprise 06-70-/q",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus developer light",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-71"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.19"
},
{
"_id": null,
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2.1"
},
{
"_id": null,
"model": "cosminexus studio version",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "505-01"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.1"
},
{
"_id": null,
"model": "jre 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6)5.6"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.10"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "13.10"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.11"
},
{
"_id": null,
"model": "ucosminexus client 06-71-/m",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus developer professional version 06-51-/b",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "linux enterprise java sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2143"
},
{
"_id": null,
"model": "cosminexus developer standard version 06-51-/e",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus application server enterprise 06-70-/i",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.3"
},
{
"_id": null,
"model": "cosminexus developer light version 06-51-/e",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"_id": null,
"model": "ucosminexus application server express )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"_id": null,
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1.1"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "560010.1"
},
{
"_id": null,
"model": "ucosminexus application server express (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2.170"
},
{
"_id": null,
"model": "cosminexus primary server base 06-50-/i",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.3.4"
},
{
"_id": null,
"model": "enterprise linux desktop optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus client )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"_id": null,
"model": "enterprise linux hpc node supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.5"
},
{
"_id": null,
"model": "lotus notes fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.35"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.32"
},
{
"_id": null,
"model": "ucosminexus developer professional 06-70-/f",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "linux enterprise software development kit sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.13"
},
{
"_id": null,
"model": "cosminexus application server standard version 06-00-/b",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus application server light )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-20"
},
{
"_id": null,
"model": "jdk 0 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "ucosminexus application server enterprise )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"_id": null,
"model": "core",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"_id": null,
"model": "cosminexus application server enterprise version )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "606-02"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2.3"
},
{
"_id": null,
"model": "ucosminexus application server standard-r )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-50"
},
{
"_id": null,
"model": "cosminexus primary server base 06-02-/f",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus application server version 05-05-/r",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.029"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.1"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.3"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.31"
},
{
"_id": null,
"model": "ucosminexus client 06-70-/i",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1.5"
},
{
"_id": null,
"model": "ucosminexus developer standard 06-72-/d",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "trio tview software",
"scope": "ne",
"trust": 0.3,
"vendor": "schneider electric",
"version": "3.29.0"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2.2"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.1"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.0"
},
{
"_id": null,
"model": "ucosminexus application server standard (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-00"
},
{
"_id": null,
"model": "lotus notes fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.33"
},
{
"_id": null,
"model": "ucosminexus developer standard 06-70-/p",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus client 06-71-/i",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus studio version 05-05-/o",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5"
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"_id": null,
"model": "cosminexus studio version 05-05-/r",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5"
},
{
"_id": null,
"model": "ucosminexus primary server base )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"_id": null,
"model": "cosminexus studio version 05-00-/s",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.2"
},
{
"_id": null,
"model": "ucosminexus application server light )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"_id": null,
"model": "ucosminexus application server light (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"_id": null,
"model": "lotus notes fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.32"
},
{
"_id": null,
"model": "cosminexus client version 06-02-/g",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.27"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2.1"
},
{
"_id": null,
"model": "ucosminexus service platform )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-50"
},
{
"_id": null,
"model": "cosminexus studio version 05-01-/l",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5"
},
{
"_id": null,
"model": "ucosminexus application server standard 06-71-/i",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server light )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"_id": null,
"model": "cosminexus developer version 05-00-/i",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5"
},
{
"_id": null,
"model": "ucosminexus developer professional",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-70"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.7"
},
{
"_id": null,
"model": "lotus domino 8.5.1fp5",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "13.04"
},
{
"_id": null,
"model": "suse core for",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9x86"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.4"
},
{
"_id": null,
"model": "cosminexus client version 06-50-/b",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "lotus expeditor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.3"
},
{
"_id": null,
"model": "enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.18"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.1"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2.2"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "56009.7"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus client",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"_id": null,
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.1.185"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.4"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2"
},
{
"_id": null,
"model": "ucosminexus application server enterprise )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"_id": null,
"model": "cosminexus client version 06-00-/b",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1.2"
},
{
"_id": null,
"model": "cosminexus primary server base 06-50-/e",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "cosminexus developer professional version 06-51-/n",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.1"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.45"
},
{
"_id": null,
"model": "ucosminexus developer light 06-70-/f",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "tivoli endpoint manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.17"
},
{
"_id": null,
"model": "cosminexus developer light version )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "606-02"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.2"
},
{
"_id": null,
"model": "cosminexus developer standard version 06-50-/b",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.12"
},
{
"_id": null,
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "cosminexus application server enterprise version 06-02-/f",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "jre beta",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "java sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.2"
},
{
"_id": null,
"model": "cosminexus application server enterprise version 06-00-/b",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "websphere real time sr6",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.1"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "cosminexus developer standard version 06-50-/e",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "cosminexus primary server base 06-50-/b",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus developer standard version 06-02-/d",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.31"
},
{
"_id": null,
"model": "ucosminexus client )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"_id": null,
"model": "vcenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"_id": null,
"model": "cosminexus application server version 05-05-/o",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"_id": null,
"model": "i5/os v6r1m0",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "cosminexus application server enterprise version 06-50-/e",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2.3"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"_id": null,
"model": "ucosminexus client",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-72"
},
{
"_id": null,
"model": "enterprise linux workstation optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus developer light",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-70"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.02"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2"
},
{
"_id": null,
"model": "ucosminexus service architect )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"_id": null,
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-72"
},
{
"_id": null,
"model": "ucosminexus developer standard",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"_id": null,
"model": "cosminexus client version )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "606-02"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.11"
},
{
"_id": null,
"model": "cosminexus application server enterprise version 06-50-/b",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "java sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.4"
},
{
"_id": null,
"model": "cosminexus developer light version 06-02-/f",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus application server express )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-20"
},
{
"_id": null,
"model": "ucosminexus service architect )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-50"
},
{
"_id": null,
"model": "jdk 0 09",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2.2"
},
{
"_id": null,
"model": "cosminexus application server version 05-01-/l",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5"
},
{
"_id": null,
"model": "ucosminexus application server standard )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"_id": null,
"model": "cosminexus primary server base 06-51-/b",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "enterprise linux server optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "cosminexus application server standard version 06-51-/e",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "websphere real time sr5",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.5"
},
{
"_id": null,
"model": "lotus domino fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.34"
},
{
"_id": null,
"model": "lotus expeditor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.1"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "cosminexus application server standard version 06-50-/i",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "cosminexus developer professional version 06-02-/d",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus application server standard-r )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-20"
},
{
"_id": null,
"model": "cosminexus developer version 05-05-/r",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5"
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "jdk 1.6.0 01-b06",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "lotus notes fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.34"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.3.0"
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0.0 03",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.1"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7"
},
{
"_id": null,
"model": "cosminexus developer standard version )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "606-02"
},
{
"_id": null,
"model": "tivoli provisioning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1"
},
{
"_id": null,
"model": "ucosminexus application server enterprise (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-00"
},
{
"_id": null,
"model": "ucosminexus application server express )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"_id": null,
"model": "cosminexus application server standard version 06-02-/d",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "lotus domino fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.25"
},
{
"_id": null,
"model": "os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x2013-005"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.17"
},
{
"_id": null,
"model": "lotus domino fp4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2"
},
{
"_id": null,
"model": "ucosminexus application server standard-r (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-00"
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"_id": null,
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"_id": null,
"model": "cosminexus developer version 05-00-/s",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5"
},
{
"_id": null,
"model": "ucosminexus application server smart edition )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-50"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.10"
},
{
"_id": null,
"model": "cosminexus developer professional version 06-02-/f",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "cosminexus developer standard version 06-50-/i",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "cosminexus application server standard version 06-50-/e",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "linux enterprise java sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.13"
},
{
"_id": null,
"model": "ucosminexus developer standard 06-70-/i",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.5"
},
{
"_id": null,
"model": "ucosminexus application server standard-r )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"_id": null,
"model": "ucosminexus application server smart edition (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-00"
},
{
"_id": null,
"model": "lotus domino 8.5fp1",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2.143"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"_id": null,
"model": "ucosminexus primary server base )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-50"
},
{
"_id": null,
"model": "ucosminexus application server enterprise 06-70-/p",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server smart edition",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.3.3"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.0"
},
{
"_id": null,
"model": "cosminexus application server enterprise version 06-51-/n",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "tivoli storage productivity center fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.14"
},
{
"_id": null,
"model": "linux enterprise server sp3 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "ucosminexus primary server base",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"_id": null,
"model": "network satellite server (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6)5.5"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.4"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.1"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1"
},
{
"_id": null,
"model": "network satellite server (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5)5.5"
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2.177"
},
{
"_id": null,
"model": "ucosminexus developer standard",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-72"
},
{
"_id": null,
"model": "jre 1.5.0 09",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "cosminexus developer version 05-01-/l",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5"
},
{
"_id": null,
"model": "cosminexus developer professional version 06-50-/b",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.2"
},
{
"_id": null,
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "cosminexus developer professional version )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "606-02"
},
{
"_id": null,
"model": "cosminexus client version 06-51-/n",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.0"
},
{
"_id": null,
"model": "cosminexus application server enterprise version 06-02-/g",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "56003"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1"
},
{
"_id": null,
"model": "ucosminexus application server enterprise 06-72-/d",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.01"
},
{
"_id": null,
"model": "ucosminexus application server express )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-50"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.12"
},
{
"_id": null,
"model": "ucosminexus application server enterprise 06-71-/i",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0"
},
{
"_id": null,
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"_id": null,
"model": "cosminexus developer professional version 06-50-/i",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"_id": null,
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1x8664"
},
{
"_id": null,
"model": "cosminexus client version 06-51-/e",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.3"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2.0"
},
{
"_id": null,
"model": "cosminexus developer light version 06-50-/i",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.1"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "cosminexus studio version 05-00-/e",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5"
},
{
"_id": null,
"model": "cosminexus developer professional version 06-51-/e",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "cosminexus developer light version 06-00-/b",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus client 06-70-/a (windows(ip",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "lotus domino fp4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.5"
},
{
"_id": null,
"model": "cosminexus developer professional version 06-50-/e",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.3.4"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.3.5"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.145"
},
{
"_id": null,
"model": "java se embedded 7u40",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.3"
},
{
"_id": null,
"model": "cosminexus primary server base 06-51-/n",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.3.3"
},
{
"_id": null,
"model": "ucosminexus developer standard 06-70-/a (windows(ip",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server express (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-00"
},
{
"_id": null,
"model": "cosminexus application server standard version )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "606-02"
},
{
"_id": null,
"model": "cosminexus client version 06-50-/i",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.4"
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"_id": null,
"model": "ucosminexus application server express",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"_id": null,
"model": "ucosminexus client )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-50"
},
{
"_id": null,
"model": "linux enterprise server sp1 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "5"
},
{
"_id": null,
"model": "ucosminexus application server standard 06-72-/d",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.2"
},
{
"_id": null,
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.1"
},
{
"_id": null,
"model": "cosminexus application server standard version 06-51-/b",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2.4"
},
{
"_id": null,
"model": "jdk 1.5.0 07-b03",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "cosminexus application server enterprise version )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "606-51"
},
{
"_id": null,
"model": "satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5)5.6"
},
{
"_id": null,
"model": "cosminexus application server standard version 06-50-/b",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2.145"
},
{
"_id": null,
"model": "ucosminexus application server standard-r )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"_id": null,
"model": "ucosminexus client 06-72-/d",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus developer professional version 06-02-/g",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "cosminexus developer light version 06-50-/b",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "cosminexus client version 06-02-/d",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "cosminexus developer version",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "505-01"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.4"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1.0"
},
{
"_id": null,
"model": "cosminexus client version 06-51-/b",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus application server smart edition )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"_id": null,
"model": "cosminexus primary server base 06-02-/d",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.010"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.2"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-13-245"
},
{
"db": "BID",
"id": "63154"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004691"
},
{
"db": "NVD",
"id": "CVE-2013-5783"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ibm:java_sdk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:jdk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:jre",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:java_se",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:sun:jdk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:sun:jre",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_application_server_enterprise",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_application_server_standard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_application_server_version_5",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_client",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developer_light_version_6",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developer_professional_version_6",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developer_standard_version_6",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developer_version_5",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developers_kit_for_java",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_primary_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_studio",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server_enterprise",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server_smart_edition",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server_standard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_client",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_developer",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_developer_light",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_developer_standard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_operator",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_primary_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_service_architect",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_service_platform",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004691"
}
]
},
"credits": {
"_id": null,
"data": "Ben Murphy",
"sources": [
{
"db": "ZDI",
"id": "ZDI-13-245"
}
],
"trust": 0.7
},
"cve": "CVE-2013-5783",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2013-5783",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2013-5783",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-5783",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2013-5783",
"trust": 0.8,
"value": "Medium"
},
{
"author": "ZDI",
"id": "CVE-2013-5783",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2013-5783",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-13-245"
},
{
"db": "VULMON",
"id": "CVE-2013-5783"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004691"
},
{
"db": "NVD",
"id": "CVE-2013-5783"
}
]
},
"description": {
"_id": null,
"data": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Swing. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the usage of NumberFormatter and RealTimeSequencer. With the usage of these classes, it is possible to disable the security manager and run code as privileged. This allows a malicious applet to execute attacker-supplied code resulting in remote code execution under the context of the current user. \nThe vulnerability can be exploited over multiple protocols. This issue affects the \u0027Swing\u0027 sub-component. In a typical operating environment, these are of low\nsecurity risk as the runtime is not used on untrusted applets. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201406-32\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: IcedTea JDK: Multiple vulnerabilities\n Date: June 29, 2014\n Bugs: #312297, #330205, #340819, #346799, #352035, #353418,\n #354231, #355127, #370787, #387637, #404095, #421031,\n #429522, #433389, #438750, #442478, #457206, #458410,\n #461714, #466822, #477210, #489570, #508270\n ID: 201406-32\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in the IcedTea JDK, the worst\nof which could lead to arbitrary code execution. \n\nBackground\n==========\n\nIcedTea is a distribution of the Java OpenJDK source code built with\nfree build tools. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-java/icedtea-bin \u003c 6.1.13.3 \u003e= 6.1.13.3 \n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in the IcedTea JDK. \nPlease review the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll IcedTea JDK users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-java/icedtea-bin-6.1.13.3\"\n\nReferences\n==========\n\n[ 1 ] CVE-2009-3555\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3555\n[ 2 ] CVE-2010-2548\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2548\n[ 3 ] CVE-2010-2783\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2783\n[ 4 ] CVE-2010-3541\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3541\n[ 5 ] CVE-2010-3548\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3548\n[ 6 ] CVE-2010-3549\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3549\n[ 7 ] CVE-2010-3551\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3551\n[ 8 ] CVE-2010-3553\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3553\n[ 9 ] CVE-2010-3554\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3554\n[ 10 ] CVE-2010-3557\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3557\n[ 11 ] CVE-2010-3561\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3561\n[ 12 ] CVE-2010-3562\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3562\n[ 13 ] CVE-2010-3564\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3564\n[ 14 ] CVE-2010-3565\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3565\n[ 15 ] CVE-2010-3566\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3566\n[ 16 ] CVE-2010-3567\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3567\n[ 17 ] CVE-2010-3568\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3568\n[ 18 ] CVE-2010-3569\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3569\n[ 19 ] CVE-2010-3573\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3573\n[ 20 ] CVE-2010-3574\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3574\n[ 21 ] CVE-2010-3860\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3860\n[ 22 ] CVE-2010-4351\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4351\n[ 23 ] CVE-2010-4448\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4448\n[ 24 ] CVE-2010-4450\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4450\n[ 25 ] CVE-2010-4465\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4465\n[ 26 ] CVE-2010-4467\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4467\n[ 27 ] CVE-2010-4469\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4469\n[ 28 ] CVE-2010-4470\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4470\n[ 29 ] CVE-2010-4471\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4471\n[ 30 ] CVE-2010-4472\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4472\n[ 31 ] CVE-2010-4476\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4476\n[ 32 ] CVE-2011-0025\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0025\n[ 33 ] CVE-2011-0706\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0706\n[ 34 ] CVE-2011-0815\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0815\n[ 35 ] CVE-2011-0822\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0822\n[ 36 ] CVE-2011-0862\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0862\n[ 37 ] CVE-2011-0864\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0864\n[ 38 ] CVE-2011-0865\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0865\n[ 39 ] CVE-2011-0868\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0868\n[ 40 ] CVE-2011-0869\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0869\n[ 41 ] CVE-2011-0870\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0870\n[ 42 ] CVE-2011-0871\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0871\n[ 43 ] CVE-2011-0872\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0872\n[ 44 ] CVE-2011-3389\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3389\n[ 45 ] CVE-2011-3521\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3521\n[ 46 ] CVE-2011-3544\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3544\n[ 47 ] CVE-2011-3547\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3547\n[ 48 ] CVE-2011-3548\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3548\n[ 49 ] CVE-2011-3551\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3551\n[ 50 ] CVE-2011-3552\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3552\n[ 51 ] CVE-2011-3553\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3553\n[ 52 ] CVE-2011-3554\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3554\n[ 53 ] CVE-2011-3556\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3556\n[ 54 ] CVE-2011-3557\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3557\n[ 55 ] CVE-2011-3558\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3558\n[ 56 ] CVE-2011-3560\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3560\n[ 57 ] CVE-2011-3563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563\n[ 58 ] CVE-2011-3571\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3571\n[ 59 ] CVE-2011-5035\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035\n[ 60 ] CVE-2012-0497\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497\n[ 61 ] CVE-2012-0501\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501\n[ 62 ] CVE-2012-0502\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502\n[ 63 ] CVE-2012-0503\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503\n[ 64 ] CVE-2012-0505\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505\n[ 65 ] CVE-2012-0506\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506\n[ 66 ] CVE-2012-0547\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547\n[ 67 ] CVE-2012-1711\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711\n[ 68 ] CVE-2012-1713\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713\n[ 69 ] CVE-2012-1716\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716\n[ 70 ] CVE-2012-1717\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717\n[ 71 ] CVE-2012-1718\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718\n[ 72 ] CVE-2012-1719\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719\n[ 73 ] CVE-2012-1723\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723\n[ 74 ] CVE-2012-1724\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724\n[ 75 ] CVE-2012-1725\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725\n[ 76 ] CVE-2012-1726\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726\n[ 77 ] CVE-2012-3216\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216\n[ 78 ] CVE-2012-3422\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3422\n[ 79 ] CVE-2012-3423\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3423\n[ 80 ] CVE-2012-4416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416\n[ 81 ] CVE-2012-4540\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4540\n[ 82 ] CVE-2012-5068\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068\n[ 83 ] CVE-2012-5069\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069\n[ 84 ] CVE-2012-5070\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070\n[ 85 ] CVE-2012-5071\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071\n[ 86 ] CVE-2012-5072\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072\n[ 87 ] CVE-2012-5073\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073\n[ 88 ] CVE-2012-5074\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074\n[ 89 ] CVE-2012-5075\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075\n[ 90 ] CVE-2012-5076\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076\n[ 91 ] CVE-2012-5077\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077\n[ 92 ] CVE-2012-5081\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081\n[ 93 ] CVE-2012-5084\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084\n[ 94 ] CVE-2012-5085\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085\n[ 95 ] CVE-2012-5086\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086\n[ 96 ] CVE-2012-5087\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087\n[ 97 ] CVE-2012-5089\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089\n[ 98 ] CVE-2012-5979\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5979\n[ 99 ] CVE-2013-0169\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169\n[ 100 ] CVE-2013-0401\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401\n[ 101 ] CVE-2013-0424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0424\n[ 102 ] CVE-2013-0425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0425\n[ 103 ] CVE-2013-0426\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0426\n[ 104 ] CVE-2013-0427\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0427\n[ 105 ] CVE-2013-0428\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0428\n[ 106 ] CVE-2013-0429\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0429\n[ 107 ] CVE-2013-0431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0431\n[ 108 ] CVE-2013-0432\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0432\n[ 109 ] CVE-2013-0433\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0433\n[ 110 ] CVE-2013-0434\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0434\n[ 111 ] CVE-2013-0435\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0435\n[ 112 ] CVE-2013-0440\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0440\n[ 113 ] CVE-2013-0441\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0441\n[ 114 ] CVE-2013-0442\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0442\n[ 115 ] CVE-2013-0443\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0443\n[ 116 ] CVE-2013-0444\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0444\n[ 117 ] CVE-2013-0450\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0450\n[ 118 ] CVE-2013-0809\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809\n[ 119 ] CVE-2013-1475\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1475\n[ 120 ] CVE-2013-1476\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1476\n[ 121 ] CVE-2013-1478\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1478\n[ 122 ] CVE-2013-1480\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1480\n[ 123 ] CVE-2013-1484\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484\n[ 124 ] CVE-2013-1485\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485\n[ 125 ] CVE-2013-1486\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486\n[ 126 ] CVE-2013-1488\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488\n[ 127 ] CVE-2013-1493\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493\n[ 128 ] CVE-2013-1500\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500\n[ 129 ] CVE-2013-1518\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518\n[ 130 ] CVE-2013-1537\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537\n[ 131 ] CVE-2013-1557\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557\n[ 132 ] CVE-2013-1569\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569\n[ 133 ] CVE-2013-1571\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571\n[ 134 ] CVE-2013-2383\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383\n[ 135 ] CVE-2013-2384\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384\n[ 136 ] CVE-2013-2407\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407\n[ 137 ] CVE-2013-2412\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412\n[ 138 ] CVE-2013-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415\n[ 139 ] CVE-2013-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417\n[ 140 ] CVE-2013-2419\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419\n[ 141 ] CVE-2013-2420\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420\n[ 142 ] CVE-2013-2421\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421\n[ 143 ] CVE-2013-2422\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422\n[ 144 ] CVE-2013-2423\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423\n[ 145 ] CVE-2013-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424\n[ 146 ] CVE-2013-2426\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426\n[ 147 ] CVE-2013-2429\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429\n[ 148 ] CVE-2013-2430\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430\n[ 149 ] CVE-2013-2431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431\n[ 150 ] CVE-2013-2436\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436\n[ 151 ] CVE-2013-2443\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443\n[ 152 ] CVE-2013-2444\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444\n[ 153 ] CVE-2013-2445\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445\n[ 154 ] CVE-2013-2446\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446\n[ 155 ] CVE-2013-2447\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447\n[ 156 ] CVE-2013-2448\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448\n[ 157 ] CVE-2013-2449\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449\n[ 158 ] CVE-2013-2450\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450\n[ 159 ] CVE-2013-2451\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451\n[ 160 ] CVE-2013-2452\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452\n[ 161 ] CVE-2013-2453\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453\n[ 162 ] CVE-2013-2454\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454\n[ 163 ] CVE-2013-2455\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455\n[ 164 ] CVE-2013-2456\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456\n[ 165 ] CVE-2013-2457\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457\n[ 166 ] CVE-2013-2458\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458\n[ 167 ] CVE-2013-2459\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459\n[ 168 ] CVE-2013-2460\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460\n[ 169 ] CVE-2013-2461\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461\n[ 170 ] CVE-2013-2463\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463\n[ 171 ] CVE-2013-2465\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465\n[ 172 ] CVE-2013-2469\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469\n[ 173 ] CVE-2013-2470\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470\n[ 174 ] CVE-2013-2471\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471\n[ 175 ] CVE-2013-2472\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472\n[ 176 ] CVE-2013-2473\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473\n[ 177 ] CVE-2013-3829\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829\n[ 178 ] CVE-2013-4002\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4002\n[ 179 ] CVE-2013-5772\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772\n[ 180 ] CVE-2013-5774\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774\n[ 181 ] CVE-2013-5778\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778\n[ 182 ] CVE-2013-5780\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780\n[ 183 ] CVE-2013-5782\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782\n[ 184 ] CVE-2013-5783\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783\n[ 185 ] CVE-2013-5784\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784\n[ 186 ] CVE-2013-5790\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790\n[ 187 ] CVE-2013-5797\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797\n[ 188 ] CVE-2013-5800\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800\n[ 189 ] CVE-2013-5802\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802\n[ 190 ] CVE-2013-5803\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803\n[ 191 ] CVE-2013-5804\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804\n[ 192 ] CVE-2013-5805\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805\n[ 193 ] CVE-2013-5806\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806\n[ 194 ] CVE-2013-5809\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809\n[ 195 ] CVE-2013-5814\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814\n[ 196 ] CVE-2013-5817\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817\n[ 197 ] CVE-2013-5820\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820\n[ 198 ] CVE-2013-5823\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823\n[ 199 ] CVE-2013-5825\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825\n[ 200 ] CVE-2013-5829\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829\n[ 201 ] CVE-2013-5830\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830\n[ 202 ] CVE-2013-5840\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840\n[ 203 ] CVE-2013-5842\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842\n[ 204 ] CVE-2013-5849\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849\n[ 205 ] CVE-2013-5850\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850\n[ 206 ] CVE-2013-5851\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851\n[ 207 ] CVE-2013-6629\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6629\n[ 208 ] CVE-2013-6954\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6954\n[ 209 ] CVE-2014-0429\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0429\n[ 210 ] CVE-2014-0446\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0446\n[ 211 ] CVE-2014-0451\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0451\n[ 212 ] CVE-2014-0452\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0452\n[ 213 ] CVE-2014-0453\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0453\n[ 214 ] CVE-2014-0456\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0456\n[ 215 ] CVE-2014-0457\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0457\n[ 216 ] CVE-2014-0458\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0458\n[ 217 ] CVE-2014-0459\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0459\n[ 218 ] CVE-2014-0460\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0460\n[ 219 ] CVE-2014-0461\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0461\n[ 220 ] CVE-2014-1876\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1876\n[ 221 ] CVE-2014-2397\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2397\n[ 222 ] CVE-2014-2398\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2398\n[ 223 ] CVE-2014-2403\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2403\n[ 224 ] CVE-2014-2412\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2412\n[ 225 ] CVE-2014-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2414\n[ 226 ] CVE-2014-2421\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2421\n[ 227 ] CVE-2014-2423\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2423\n[ 228 ] CVE-2014-2427\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2427\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201406-32.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2014 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: java-1.6.0-openjdk security update\nAdvisory ID: RHSA-2013:1505-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2013-1505.html\nIssue date: 2013-11-05\nCVE Names: CVE-2013-3829 CVE-2013-4002 CVE-2013-5772 \n CVE-2013-5774 CVE-2013-5778 CVE-2013-5780 \n CVE-2013-5782 CVE-2013-5783 CVE-2013-5784 \n CVE-2013-5790 CVE-2013-5797 CVE-2013-5802 \n CVE-2013-5803 CVE-2013-5804 CVE-2013-5809 \n CVE-2013-5814 CVE-2013-5817 CVE-2013-5820 \n CVE-2013-5823 CVE-2013-5825 CVE-2013-5829 \n CVE-2013-5830 CVE-2013-5840 CVE-2013-5842 \n CVE-2013-5849 CVE-2013-5850 \n=====================================================================\n\n1. Summary:\n\nUpdated java-1.6.0-openjdk packages that fix various security issues are\nnow available for Red Hat Enterprise Linux 5 and 6. \n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux (v. 5 server) - i386, x86_64\nRed Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64\n\n3. Description:\n\nThe java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime\nEnvironment and the OpenJDK 6 Java Software Development Kit. \n\nMultiple input checking flaws were found in the 2D component native image\nparsing code. A specially crafted image file could trigger a Java Virtual\nMachine memory corruption and, possibly, lead to arbitrary code execution\nwith the privileges of the user running the Java Virtual Machine. \n(CVE-2013-5782)\n\nThe class loader did not properly check the package access for non-public\nproxy classes. (CVE-2013-5830)\n\nMultiple improper permission check issues were discovered in the 2D, CORBA,\nJNDI, and Libraries components in OpenJDK. An untrusted Java application or\napplet could use these flaws to bypass Java sandbox restrictions. \n(CVE-2013-5829, CVE-2013-5814, CVE-2013-5817, CVE-2013-5842, CVE-2013-5850)\n\nMultiple input checking flaws were discovered in the JPEG image reading and\nwriting code in the 2D component. An untrusted Java application or applet\ncould use these flaws to corrupt the Java Virtual Machine memory and bypass\nJava sandbox restrictions. (CVE-2013-5809)\n\nThe FEATURE_SECURE_PROCESSING setting was not properly honored by the\njavax.xml.transform package transformers. A remote attacker could use this\nflaw to supply a crafted XML that would be processed without the intended\nsecurity restrictions. (CVE-2013-5802)\n\nMultiple errors were discovered in the way the JAXP and Security components\nprocesses XML inputs. A remote attacker could create a crafted XML that\nwould cause a Java application to use an excessive amount of CPU and memory\nwhen processed. (CVE-2013-5825, CVE-2013-4002, CVE-2013-5823)\n\nMultiple improper permission check issues were discovered in the Libraries,\nSwing, JAX-WS, JGSS, AWT, Beans, and Scripting components in OpenJDK. An\nuntrusted Java application or applet could use these flaws to bypass\ncertain Java sandbox restrictions. (CVE-2013-3829, CVE-2013-5840,\nCVE-2013-5774, CVE-2013-5783, CVE-2013-5820, CVE-2013-5849, CVE-2013-5790,\nCVE-2013-5784)\n\nIt was discovered that the 2D component image library did not properly\ncheck bounds when performing image conversions. An untrusted Java\napplication or applet could use this flaw to disclose portions of the Java\nVirtual Machine memory. (CVE-2013-5778)\n\nMultiple input sanitization flaws were discovered in javadoc. When javadoc\ndocumentation was generated from an untrusted Java source code and hosted\non a domain not controlled by the code author, these issues could make it\neasier to perform cross-site scripting attacks. (CVE-2013-5804,\nCVE-2013-5797)\n\nVarious OpenJDK classes that represent cryptographic keys could leak\nprivate key information by including sensitive data in strings returned by\ntoString() methods. These flaws could possibly lead to an unexpected\nexposure of sensitive key data. (CVE-2013-5780)\n\nThe Java Heap Analysis Tool (jhat) failed to properly escape all data added\ninto the HTML pages it generated. Crafted content in the memory of a Java\nprogram analyzed using jhat could possibly be used to conduct cross-site\nscripting attacks. (CVE-2013-5772)\n\nThe Kerberos implementation in OpenJDK did not properly parse KDC\nresponses. A malformed packet could cause a Java application using JGSS to\nexit. (CVE-2013-5803)\n\nAll users of java-1.6.0-openjdk are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK Java\nmust be restarted for the update to take effect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n1018713 - CVE-2013-5803 OpenJDK: insufficient checks of KDC replies (JGSS, 8014341)\n1018717 - CVE-2013-5772 OpenJDK: insufficient html escaping in jhat (jhat, 8011081)\n1018720 - CVE-2013-5797 OpenJDK: insufficient escaping of window title string (Javadoc, 8016675)\n1018727 - CVE-2013-5784 OpenJDK: insufficient InterfaceImplementor security checks (Scripting, 8017299)\n1018736 - CVE-2013-5790 OpenJDK: insufficient security checks (Beans, 8012071)\n1018750 - CVE-2013-5849 OpenJDK: insufficient DataFlavor security checks (AWT, 8012277)\n1018785 - CVE-2013-5780 OpenJDK: key data leak via toString() methods (Libraries, 8011071)\n1018831 - CVE-2013-5840 OpenJDK: getDeclaringClass() information leak (Libraries, 8014349)\n1018972 - CVE-2013-5820 OpenJDK: insufficient security checks (JAXWS, 8017505)\n1018984 - CVE-2013-5778 OpenJDK: image conversion out of bounds read (2D, 8014102)\n1019108 - CVE-2013-5782 OpenJDK: Incorrect awt_getPixelByte/awt_getPixelShort/awt_setPixelByte/awt_setPixelShort image raster checks (2D, 8014093)\n1019110 - CVE-2013-5830 OpenJDK: checkPackageAccess missing security check (Libraries, 8017291)\n1019113 - CVE-2013-5809 OpenJDK: JPEGImageReader and JPEGImageWriter missing band size checks (2D, 8013510)\n1019115 - CVE-2013-5829 OpenJDK: Java2d Disposer security bypass (2D, 8017287)\n1019117 - CVE-2013-5814 OpenJDK: RMIConnection stub missing permission check (CORBA, 8011157)\n1019118 - CVE-2013-5817 OpenJDK: VersionHelper12 does not honor modifyThreadGroup restriction (JNDI, 8013739)\n1019123 - CVE-2013-5842 OpenJDK: ObjectInputStream/ObjectOutputStream missing checks (Libraries, 8014987)\n1019127 - CVE-2013-5850 OpenJDK: Missing CORBA security checks (Libraries, 8017196)\n1019130 - CVE-2013-5802 OpenJDK: javax.xml.transform.TransformerFactory does not properly honor XMLConstants.FEATURE_SECURE_PROCESSING (JAXP, 8012425)\n1019131 - CVE-2013-5804 OpenJDK: javac does not ignore certain ignorable characters (Javadoc, 8016653)\n1019133 - CVE-2013-3829 OpenJDK: java.util.TimeZone does not restrict setting of default time zone (Libraries, 8001029)\n1019137 - CVE-2013-5783 OpenJDK: JTable not properly performing certain access checks (Swing, 8013744)\n1019139 - CVE-2013-5825 OpenJDK: XML parsing Denial of Service (JAXP, 8014530)\n1019145 - CVE-2013-5823 OpenJDK: com.sun.org.apache.xml.internal.security.utils.UnsyncByteArrayOutputStream Denial of Service (Security, 8021290)\n1019147 - CVE-2013-5774 OpenJDK: Inet6Address class IPv6 address processing errors (Libraries, 8015743)\n1019176 - CVE-2013-4002 OpenJDK: XML parsing Denial of Service (JAXP, 8017298)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 5 client):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.42.1.11.14.el5_10.src.rpm\n\ni386:\njava-1.6.0-openjdk-1.6.0.0-1.42.1.11.14.el5_10.i386.rpm\njava-1.6.0-openjdk-debuginfo-1.6.0.0-1.42.1.11.14.el5_10.i386.rpm\njava-1.6.0-openjdk-demo-1.6.0.0-1.42.1.11.14.el5_10.i386.rpm\njava-1.6.0-openjdk-devel-1.6.0.0-1.42.1.11.14.el5_10.i386.rpm\njava-1.6.0-openjdk-javadoc-1.6.0.0-1.42.1.11.14.el5_10.i386.rpm\njava-1.6.0-openjdk-src-1.6.0.0-1.42.1.11.14.el5_10.i386.rpm\n\nx86_64:\njava-1.6.0-openjdk-1.6.0.0-1.42.1.11.14.el5_10.x86_64.rpm\njava-1.6.0-openjdk-debuginfo-1.6.0.0-1.42.1.11.14.el5_10.x86_64.rpm\njava-1.6.0-openjdk-demo-1.6.0.0-1.42.1.11.14.el5_10.x86_64.rpm\njava-1.6.0-openjdk-devel-1.6.0.0-1.42.1.11.14.el5_10.x86_64.rpm\njava-1.6.0-openjdk-javadoc-1.6.0.0-1.42.1.11.14.el5_10.x86_64.rpm\njava-1.6.0-openjdk-src-1.6.0.0-1.42.1.11.14.el5_10.x86_64.rpm\n\nRed Hat Enterprise Linux (v. 5 server):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.42.1.11.14.el5_10.src.rpm\n\ni386:\njava-1.6.0-openjdk-1.6.0.0-1.42.1.11.14.el5_10.i386.rpm\njava-1.6.0-openjdk-debuginfo-1.6.0.0-1.42.1.11.14.el5_10.i386.rpm\njava-1.6.0-openjdk-demo-1.6.0.0-1.42.1.11.14.el5_10.i386.rpm\njava-1.6.0-openjdk-devel-1.6.0.0-1.42.1.11.14.el5_10.i386.rpm\njava-1.6.0-openjdk-javadoc-1.6.0.0-1.42.1.11.14.el5_10.i386.rpm\njava-1.6.0-openjdk-src-1.6.0.0-1.42.1.11.14.el5_10.i386.rpm\n\nx86_64:\njava-1.6.0-openjdk-1.6.0.0-1.42.1.11.14.el5_10.x86_64.rpm\njava-1.6.0-openjdk-debuginfo-1.6.0.0-1.42.1.11.14.el5_10.x86_64.rpm\njava-1.6.0-openjdk-demo-1.6.0.0-1.42.1.11.14.el5_10.x86_64.rpm\njava-1.6.0-openjdk-devel-1.6.0.0-1.42.1.11.14.el5_10.x86_64.rpm\njava-1.6.0-openjdk-javadoc-1.6.0.0-1.42.1.11.14.el5_10.x86_64.rpm\njava-1.6.0-openjdk-src-1.6.0.0-1.42.1.11.14.el5_10.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.65.1.11.14.el6_4.src.rpm\n\ni386:\njava-1.6.0-openjdk-1.6.0.0-1.65.1.11.14.el6_4.i686.rpm\njava-1.6.0-openjdk-debuginfo-1.6.0.0-1.65.1.11.14.el6_4.i686.rpm\n\nx86_64:\njava-1.6.0-openjdk-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm\njava-1.6.0-openjdk-debuginfo-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.65.1.11.14.el6_4.src.rpm\n\ni386:\njava-1.6.0-openjdk-debuginfo-1.6.0.0-1.65.1.11.14.el6_4.i686.rpm\njava-1.6.0-openjdk-demo-1.6.0.0-1.65.1.11.14.el6_4.i686.rpm\njava-1.6.0-openjdk-devel-1.6.0.0-1.65.1.11.14.el6_4.i686.rpm\njava-1.6.0-openjdk-javadoc-1.6.0.0-1.65.1.11.14.el6_4.i686.rpm\njava-1.6.0-openjdk-src-1.6.0.0-1.65.1.11.14.el6_4.i686.rpm\n\nx86_64:\njava-1.6.0-openjdk-debuginfo-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm\njava-1.6.0-openjdk-demo-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm\njava-1.6.0-openjdk-devel-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm\njava-1.6.0-openjdk-javadoc-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm\njava-1.6.0-openjdk-src-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.65.1.11.14.el6_4.src.rpm\n\nx86_64:\njava-1.6.0-openjdk-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm\njava-1.6.0-openjdk-debuginfo-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.65.1.11.14.el6_4.src.rpm\n\nx86_64:\njava-1.6.0-openjdk-debuginfo-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm\njava-1.6.0-openjdk-demo-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm\njava-1.6.0-openjdk-devel-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm\njava-1.6.0-openjdk-javadoc-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm\njava-1.6.0-openjdk-src-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.65.1.11.14.el6_4.src.rpm\n\ni386:\njava-1.6.0-openjdk-1.6.0.0-1.65.1.11.14.el6_4.i686.rpm\njava-1.6.0-openjdk-debuginfo-1.6.0.0-1.65.1.11.14.el6_4.i686.rpm\njava-1.6.0-openjdk-devel-1.6.0.0-1.65.1.11.14.el6_4.i686.rpm\njava-1.6.0-openjdk-javadoc-1.6.0.0-1.65.1.11.14.el6_4.i686.rpm\n\nx86_64:\njava-1.6.0-openjdk-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm\njava-1.6.0-openjdk-debuginfo-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm\njava-1.6.0-openjdk-devel-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm\njava-1.6.0-openjdk-javadoc-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.65.1.11.14.el6_4.src.rpm\n\ni386:\njava-1.6.0-openjdk-debuginfo-1.6.0.0-1.65.1.11.14.el6_4.i686.rpm\njava-1.6.0-openjdk-demo-1.6.0.0-1.65.1.11.14.el6_4.i686.rpm\njava-1.6.0-openjdk-src-1.6.0.0-1.65.1.11.14.el6_4.i686.rpm\n\nx86_64:\njava-1.6.0-openjdk-debuginfo-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm\njava-1.6.0-openjdk-demo-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm\njava-1.6.0-openjdk-src-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.65.1.11.14.el6_4.src.rpm\n\ni386:\njava-1.6.0-openjdk-1.6.0.0-1.65.1.11.14.el6_4.i686.rpm\njava-1.6.0-openjdk-debuginfo-1.6.0.0-1.65.1.11.14.el6_4.i686.rpm\njava-1.6.0-openjdk-devel-1.6.0.0-1.65.1.11.14.el6_4.i686.rpm\njava-1.6.0-openjdk-javadoc-1.6.0.0-1.65.1.11.14.el6_4.i686.rpm\n\nx86_64:\njava-1.6.0-openjdk-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm\njava-1.6.0-openjdk-debuginfo-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm\njava-1.6.0-openjdk-devel-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm\njava-1.6.0-openjdk-javadoc-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.65.1.11.14.el6_4.src.rpm\n\ni386:\njava-1.6.0-openjdk-debuginfo-1.6.0.0-1.65.1.11.14.el6_4.i686.rpm\njava-1.6.0-openjdk-demo-1.6.0.0-1.65.1.11.14.el6_4.i686.rpm\njava-1.6.0-openjdk-src-1.6.0.0-1.65.1.11.14.el6_4.i686.rpm\n\nx86_64:\njava-1.6.0-openjdk-debuginfo-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm\njava-1.6.0-openjdk-demo-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm\njava-1.6.0-openjdk-src-1.6.0.0-1.65.1.11.14.el6_4.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2013-3829.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-4002.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5772.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5774.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5778.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5780.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5782.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5783.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5784.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5790.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5797.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5802.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5803.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5804.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5809.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5814.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5817.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5820.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5823.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5825.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5829.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5830.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5840.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5842.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5849.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5850.html\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2013 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFSeT/AXlSAg2UNWIIRAvBKAJ9vGve+1MyOR8lyLQffhBtOlcmxrgCfVKad\nebAHvPvYFmwsG11PQeLu+bI=\n=+ckf\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. ============================================================================\nUbuntu Security Notice USN-2033-1\nNovember 21, 2013\n\nopenjdk-6 vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.04 LTS\n- Ubuntu 10.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in OpenJDK 6. An attacker could exploit these\nto expose sensitive data over the network. (CVE-2013-3829, CVE-2013-5783,\nCVE-2013-5804)\n\nSeveral vulnerabilities were discovered in the OpenJDK JRE related to\navailability. An attacker could exploit these to cause a denial of service. \n(CVE-2013-4002, CVE-2013-5803, CVE-2013-5823, CVE-2013-5825)\n\nSeveral vulnerabilities were discovered in the OpenJDK JRE related to data\nintegrity. An attacker could exploit these to expose sensitive\ndata over the network. An attacker could\nexploit these to cause a denial of service or expose sensitive data over\nthe network. (CVE-2013-5782, CVE-2013-5802, CVE-2013-5809, CVE-2013-5829,\nCVE-2013-5814, CVE-2013-5817, CVE-2013-5830, CVE-2013-5842, CVE-2013-5850)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 12.04 LTS:\n icedtea-6-jre-cacao 6b27-1.12.6-1ubuntu0.12.04.4\n icedtea-6-jre-jamvm 6b27-1.12.6-1ubuntu0.12.04.4\n openjdk-6-jre 6b27-1.12.6-1ubuntu0.12.04.4\n openjdk-6-jre-headless 6b27-1.12.6-1ubuntu0.12.04.4\n openjdk-6-jre-lib 6b27-1.12.6-1ubuntu0.12.04.4\n openjdk-6-jre-zero 6b27-1.12.6-1ubuntu0.12.04.4\n\nUbuntu 10.04 LTS:\n icedtea-6-jre-cacao 6b27-1.12.6-1ubuntu0.10.04.4\n openjdk-6-jre 6b27-1.12.6-1ubuntu0.10.04.4\n openjdk-6-jre-headless 6b27-1.12.6-1ubuntu0.10.04.4\n openjdk-6-jre-lib 6b27-1.12.6-1ubuntu0.10.04.4\n openjdk-6-jre-zero 6b27-1.12.6-1ubuntu0.10.04.4\n\nThis update uses a new upstream release, which includes additional bug\nfixes. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c04031212\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c04031212\nVersion: 1\n\nHPSBUX02944 rev.1 - HP-UX Running Java7, Remote Unauthorized Access,\nDisclosure of Information, and Other Vulnerabilities\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2013-12-04\nLast Updated: 2013-12-04\n\nPotential Security Impact: Remote unauthorized access, disclosure of\ninformation, and other vulnerabilities\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified in Java Runtime\nEnvironment (JRE) and Java Developer Kit (JDK) running on HP-UX. These\nvulnerabilities could allow remote unauthorized access, disclosure of\ninformation, and other exploits. \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.23, and B.11.31 running HP JDK and JRE v7.0.07 and earlier. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2013-3829 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4\nCVE-2013-4002 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1\nCVE-2013-5772 (AV:N/AC:H/Au:N/C:N/I:P/A:N) 2.6\nCVE-2013-5774 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2013-5775 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2013-5776 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2013-5777 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3\nCVE-2013-5778 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2013-5780 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2013-5782 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-5783 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4\nCVE-2013-5784 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2013-5787 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-5789 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-5790 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2013-5797 (AV:N/AC:M/Au:S/C:N/I:P/A:N) 3.5\nCVE-2013-5801 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2013-5802 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2013-5803 (AV:N/AC:H/Au:N/C:N/I:N/A:P) 2.6\nCVE-2013-5804 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4\nCVE-2013-5805 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3\nCVE-2013-5806 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3\nCVE-2013-5809 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-5810 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3\nCVE-2013-5812 (AV:N/AC:L/Au:N/C:P/I:N/A:P) 6.4\nCVE-2013-5814 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-5817 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-5818 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2013-5819 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2013-5820 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2013-5823 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2013-5824 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-5825 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2013-5829 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-5830 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-5831 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2013-5832 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3\nCVE-2013-5838 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3\nCVE-2013-5840 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2013-5842 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-5843 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-5844 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3\nCVE-2013-5846 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3\nCVE-2013-5848 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2013-5849 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2013-5850 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3\nCVE-2013-5852 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\nCVE-2013-5854 (AV:N/AC:H/Au:N/C:P/I:N/A:N) 2.6\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided the following Java version upgrade to resolve these\nvulnerabilities. \n\nThe upgrade is available from the following location: http://www.hp.com/java\n\nOS Version\n Release Version\n\nHP-UX B.11.23, B.11.31\n JDK and JRE v7.0.08 or subsequent\n\nMANUAL ACTIONS: Yes - Update\nFor Java v7.0 update to Java v7.0.08 or subsequent\n\nPRODUCT SPECIFIC INFORMATION\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application\nthat replaces HP-UX Security Patch Check. It analyzes all Security Bulletins\nissued by HP and lists recommended actions that may apply to a specific HP-UX\nsystem. It can also download patches and create a depot automatically. For\nmore information see https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS\n\nHP-UX B.11.23\nHP-UX B.11.31\n===========\nJdk70.JDK70-COM\nJdk70.JDK70-DEMO\nJdk70.JDK70-IPF32\nJdk70.JDK70-IPF64\nJre70.JRE70-COM\nJre70.JRE70-IPF32\nJre70.JRE70-IPF32-HS\nJre70.JRE70-IPF64\nJre70.JRE70-IPF64-HS\naction: install revision 1.7.0.08.00 or subsequent\n\nEND AFFECTED VERSIONS\n\nHISTORY\nVersion:1 (rev.1) - 4 December 2013 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2013 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits;damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. (CVE-2013-5803)\n\nNote: If the web browser plug-in provided by the icedtea-web package was\ninstalled, the issues exposed via Java applets could have been exploited\nwithout user interaction if a user visited a malicious website",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-5783"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004691"
},
{
"db": "ZDI",
"id": "ZDI-13-245"
},
{
"db": "BID",
"id": "63154"
},
{
"db": "VULMON",
"id": "CVE-2013-5783"
},
{
"db": "PACKETSTORM",
"id": "124303"
},
{
"db": "PACKETSTORM",
"id": "127267"
},
{
"db": "PACKETSTORM",
"id": "123647"
},
{
"db": "PACKETSTORM",
"id": "123921"
},
{
"db": "PACKETSTORM",
"id": "123942"
},
{
"db": "PACKETSTORM",
"id": "124143"
},
{
"db": "PACKETSTORM",
"id": "124386"
},
{
"db": "PACKETSTORM",
"id": "123722"
},
{
"db": "PACKETSTORM",
"id": "123946"
}
],
"trust": 3.42
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2013-5783",
"trust": 3.8
},
{
"db": "BID",
"id": "63154",
"trust": 1.4
},
{
"db": "HITACHI",
"id": "HS13-025",
"trust": 1.4
},
{
"db": "SECUNIA",
"id": "56338",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004691",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-1878",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-13-245",
"trust": 0.7
},
{
"db": "ICS CERT",
"id": "ICSA-17-213-02",
"trust": 0.3
},
{
"db": "VULMON",
"id": "CVE-2013-5783",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "124303",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127267",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123647",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123921",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123942",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "124143",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "124386",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123722",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123946",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-13-245"
},
{
"db": "VULMON",
"id": "CVE-2013-5783"
},
{
"db": "BID",
"id": "63154"
},
{
"db": "PACKETSTORM",
"id": "124303"
},
{
"db": "PACKETSTORM",
"id": "127267"
},
{
"db": "PACKETSTORM",
"id": "123647"
},
{
"db": "PACKETSTORM",
"id": "123921"
},
{
"db": "PACKETSTORM",
"id": "123942"
},
{
"db": "PACKETSTORM",
"id": "124143"
},
{
"db": "PACKETSTORM",
"id": "124386"
},
{
"db": "PACKETSTORM",
"id": "123722"
},
{
"db": "PACKETSTORM",
"id": "123946"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004691"
},
{
"db": "NVD",
"id": "CVE-2013-5783"
}
]
},
"id": "VAR-201310-0350",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 1.0
},
"last_update_date": "2026-04-10T23:12:57.761000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Oracle Critical Patch Update Advisory - October 2013",
"trust": 1.5,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"title": "APPLE-SA-2013-10-15-1",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"title": "HT5982",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5982"
},
{
"title": "HT5982",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5982?viewlocale=ja_JP"
},
{
"title": "HS13-025",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
},
{
"title": "HPSBUX02943",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c04031205"
},
{
"title": "HPSBUX02944",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c04031212"
},
{
"title": "1655201",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"title": "1662535",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21662535"
},
{
"title": "1664150",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21664150"
},
{
"title": "SUSE-SU-2013:1666",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"title": "SUSE-SU-2013:1677",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"title": "openSUSE-SU-2013:1663",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - October 2013 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013verbose-1899842.html"
},
{
"title": "Bug 1019137",
"trust": 0.8,
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1019137"
},
{
"title": "RHSA-2013:1793",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"title": "RHSA-2013:1440",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"title": "RHSA-2013:1447",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"title": "RHSA-2013:1505",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"title": "RHSA-2013:1451",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"title": "RHSA-2013:1507",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"title": "RHSA-2013:1508",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"title": "RHSA-2013:1509",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"title": "October 2013 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/october_2013_critical_patch_update"
},
{
"title": "USN-2033-1",
"trust": 0.8,
"url": "http://www.ubuntu.com/usn/USN-2033-1/"
},
{
"title": "HS13-025",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS13-025/index.html"
},
{
"title": "Red Hat: CVE-2013-5783",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2013-5783"
},
{
"title": "Red Hat: Important: java-1.6.0-openjdk security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20131505 - Security Advisory"
},
{
"title": "Red Hat: Important: java-1.5.0-ibm security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20131509 - Security Advisory"
},
{
"title": "Red Hat: Important: java-1.7.0-openjdk security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20131447 - Security Advisory"
},
{
"title": "Red Hat: Critical: java-1.7.0-openjdk security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20131451 - Security Advisory"
},
{
"title": "Red Hat: Critical: java-1.6.0-ibm security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20131508 - Security Advisory"
},
{
"title": "Red Hat: Low: Red Hat Network Satellite server IBM Java Runtime security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20131793 - Security Advisory"
},
{
"title": "Red Hat: Critical: java-1.7.0-ibm security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20131507 - Security Advisory"
},
{
"title": "Red Hat: Critical: java-1.7.0-oracle security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20131440 - Security Advisory"
},
{
"title": "Ubuntu Security Notice: openjdk-6 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2033-1"
},
{
"title": "Amazon Linux AMI: ALAS-2013-246",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2013-246"
},
{
"title": "Ubuntu Security Notice: openjdk-7 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2089-1"
},
{
"title": "Amazon Linux AMI: ALAS-2013-235",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2013-235"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-13-245"
},
{
"db": "VULMON",
"id": "CVE-2013-5783"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004691"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-5783"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.2,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"trust": 1.4,
"url": "http://support.apple.com/kb/ht5982"
},
{
"trust": 1.4,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hs13-025/index.html"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2013-1440.html"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2013-1451.html"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2013-1505.html"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2013-1508.html"
},
{
"trust": 1.2,
"url": "http://www.ubuntu.com/usn/usn-2033-1"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2013-1793.html"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2013-1509.html"
},
{
"trust": 1.2,
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/63154"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2013-1447.html"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce/2013/oct/msg00001.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2013-1507.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"trust": 1.1,
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1019137"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/56338"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-2089-1"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a19088"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2014:0414"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5814"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5802"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5804"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5778"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5782"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5797"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5809"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5817"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5803"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5774"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-3829"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5780"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5783"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-5783"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20131016-jre.html"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2013/at130043.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-5783"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5772"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5784"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/site/articles/11258"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5817.html"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5797.html"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5782.html"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5802.html"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5803.html"
},
{
"trust": 0.6,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5778.html"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5783.html"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5780.html"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5842.html"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5849.html"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5840.html"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/security/data/cve/cve-2013-3829.html"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5809.html"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5825.html"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5774.html"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5830.html"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5804.html"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5814.html"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5829.html"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5790"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5823.html"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5820"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5850.html"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5801"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5772.html"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5820.html"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5784.html"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-4002"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5787"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5801.html"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5818"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5812"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5789"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5851.html"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5776"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5843.html"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5823"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5790.html"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5830"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5840"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5842"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5849"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/java/index.html"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04031205"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04031212"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-213-02"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24036549"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24036518"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21659530"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=isg400001745"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21664964"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1iv53964"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100176223"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21659219"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1iv52145"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21662535"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21670264"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21664002"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21659761"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21659757"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21662428"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655990"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21660039"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/connections/blogs/psirt/entry/security_bulletin_security_vulnerabilities_for_ibm_java_on_aix?lang=en_us"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672822"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21664098"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas38fe73318db4e6c8786257c32007ee70b"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas3be721f674cf321ba86257c32007ee712"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24036927"
},
{
"trust": 0.3,
"url": "http://www.vmware.com/security/advisories/vmsa-2014-0002.html"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5372"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5375"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5832.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5372.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5818.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5824.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5789.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5812.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5831.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5776.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5848.html"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-4041"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5819.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5375.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-4041.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5787.html"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-4002.html"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5825"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5829"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5850"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5457"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5819"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5457.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5800.html"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5800"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5810"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5838.html"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5777"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5775"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=31339"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2013-5783"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2033-1/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4470"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3574"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3423"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3548"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2469"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0864"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3553"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2443"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1717"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2412"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1716"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0505"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1518"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2419"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3557"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2414"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4450"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3829"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5829"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5804"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1485"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5806"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5087"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2422"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0865"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4471"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5075"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3557"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2426"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3567"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4002"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5084"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1711"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1478"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2461"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5820"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-6954"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2470"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4476"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0547"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4540"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0429"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0441"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2451"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2459"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5823"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2421"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0870"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3554"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0862"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2460"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1713"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0706"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0434"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5784"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3568"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5830"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3561"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5800"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4467"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3567"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2456"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5803"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4465"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4472"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5086"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3556"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0425"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2383"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2423"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2447"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2452"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2445"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2450"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5778"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5780"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5073"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3568"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3548"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1493"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2446"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5069"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-5035"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3541"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3549"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1500"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3571"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0426"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0457"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5850"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2783"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3573"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3552"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0451"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0459"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2423"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1876"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2384"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4469"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0431"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1557"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0458"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2548"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2453"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4448"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3521"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0401"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5085"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2407"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2421"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3564"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2429"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4465"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3569"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2403"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5068"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2548"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0871"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5071"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2398"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0815"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0444"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1475"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0497"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5774"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5782"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3554"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4469"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1725"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5790"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5805"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3564"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5802"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5849"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1719"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3569"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3573"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0461"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2448"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2458"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0427"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3548"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2427"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5825"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0506"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1484"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2430"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3541"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2415"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3549"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0872"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3216"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0429"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1718"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5772"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3860"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3422"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0433"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5074"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3554"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3574"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2454"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2444"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5072"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4470"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4416"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0822"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1537"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3553"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3551"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2449"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0503"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0025"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2457"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1476"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0169"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0809"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5077"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0435"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3544"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0456"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4450"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1723"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1726"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0450"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1571"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4467"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0460"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5081"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3547"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5840"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5851"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2465"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2431"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2473"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-6629"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5783"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4448"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2783"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2463"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3560"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2412"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5809"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1480"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4351"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2420"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0501"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0428"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0869"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2417"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2471"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3551"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5076"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5842"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2397"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0452"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3553"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1569"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1724"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3558"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5797"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5070"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1486"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2472"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0446"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0453"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3860"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1488"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0502"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3561"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0868"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0440"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0443"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3389"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5814"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5817"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4351"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3551"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2455"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3557"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5089"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5846.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5775.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5844.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5788.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5777.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5854.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5788"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5810.html"
},
{
"trust": 0.1,
"url": "http://www.oracle.com/technetwork/java/javase/7u45-relnotes-2016950.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5852.html"
},
{
"trust": 0.1,
"url": "http://www.oracle.com/technetwork/java/javase/7u40-relnotes-2004172.html"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openjdk-6/6b27-1.12.6-1ubuntu0.10.04.4"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5851"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openjdk-6/6b27-1.12.6-1ubuntu0.12.04.4"
},
{
"trust": 0.1,
"url": "http://www.hp.com/java"
},
{
"trust": 0.1,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5806"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5805"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5838"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5843"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-13-245"
},
{
"db": "VULMON",
"id": "CVE-2013-5783"
},
{
"db": "BID",
"id": "63154"
},
{
"db": "PACKETSTORM",
"id": "124303"
},
{
"db": "PACKETSTORM",
"id": "127267"
},
{
"db": "PACKETSTORM",
"id": "123647"
},
{
"db": "PACKETSTORM",
"id": "123921"
},
{
"db": "PACKETSTORM",
"id": "123942"
},
{
"db": "PACKETSTORM",
"id": "124143"
},
{
"db": "PACKETSTORM",
"id": "124386"
},
{
"db": "PACKETSTORM",
"id": "123722"
},
{
"db": "PACKETSTORM",
"id": "123946"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004691"
},
{
"db": "NVD",
"id": "CVE-2013-5783"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "ZDI",
"id": "ZDI-13-245",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2013-5783",
"ident": null
},
{
"db": "BID",
"id": "63154",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "124303",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "127267",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "123647",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "123921",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "123942",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "124143",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "124386",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "123722",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "123946",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004691",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2013-5783",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2013-10-16T00:00:00",
"db": "ZDI",
"id": "ZDI-13-245",
"ident": null
},
{
"date": "2013-10-16T00:00:00",
"db": "VULMON",
"id": "CVE-2013-5783",
"ident": null
},
{
"date": "2013-10-15T00:00:00",
"db": "BID",
"id": "63154",
"ident": null
},
{
"date": "2013-12-06T01:03:48",
"db": "PACKETSTORM",
"id": "124303",
"ident": null
},
{
"date": "2014-06-30T23:39:28",
"db": "PACKETSTORM",
"id": "127267",
"ident": null
},
{
"date": "2013-10-17T20:25:58",
"db": "PACKETSTORM",
"id": "123647",
"ident": null
},
{
"date": "2013-11-05T23:55:00",
"db": "PACKETSTORM",
"id": "123921",
"ident": null
},
{
"date": "2013-11-07T13:38:00",
"db": "PACKETSTORM",
"id": "123942",
"ident": null
},
{
"date": "2013-11-22T02:10:22",
"db": "PACKETSTORM",
"id": "124143",
"ident": null
},
{
"date": "2013-12-11T06:58:03",
"db": "PACKETSTORM",
"id": "124386",
"ident": null
},
{
"date": "2013-10-22T23:53:44",
"db": "PACKETSTORM",
"id": "123722",
"ident": null
},
{
"date": "2013-11-07T14:01:00",
"db": "PACKETSTORM",
"id": "123946",
"ident": null
},
{
"date": "2013-10-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004691",
"ident": null
},
{
"date": "2013-10-16T15:55:34.507000",
"db": "NVD",
"id": "CVE-2013-5783",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2013-10-16T00:00:00",
"db": "ZDI",
"id": "ZDI-13-245",
"ident": null
},
{
"date": "2018-01-05T00:00:00",
"db": "VULMON",
"id": "CVE-2013-5783",
"ident": null
},
{
"date": "2017-08-22T14:12:00",
"db": "BID",
"id": "63154",
"ident": null
},
{
"date": "2015-03-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004691",
"ident": null
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2013-5783",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "network",
"sources": [
{
"db": "BID",
"id": "63154"
}
],
"trust": 0.3
},
"title": {
"_id": null,
"data": "Oracle Java SE and Java SE Embedded In Swing Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004691"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "63154"
}
],
"trust": 0.3
}
}
VAR-201310-0349
Vulnerability from variot - Updated: 2026-04-10 23:00Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. The vulnerability can be exploited over multiple protocols. This issue affects the '2D' sub-component. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201406-32
http://security.gentoo.org/
Severity: High Title: IcedTea JDK: Multiple vulnerabilities Date: June 29, 2014 Bugs: #312297, #330205, #340819, #346799, #352035, #353418, #354231, #355127, #370787, #387637, #404095, #421031, #429522, #433389, #438750, #442478, #457206, #458410, #461714, #466822, #477210, #489570, #508270 ID: 201406-32
Synopsis
Multiple vulnerabilities have been found in the IcedTea JDK, the worst of which could lead to arbitrary code execution.
Background
IcedTea is a distribution of the Java OpenJDK source code built with free build tools.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-java/icedtea-bin < 6.1.13.3 >= 6.1.13.3
Description
Multiple vulnerabilities have been discovered in the IcedTea JDK. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All IcedTea JDK users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-java/icedtea-bin-6.1.13.3"
References
[ 1 ] CVE-2009-3555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3555 [ 2 ] CVE-2010-2548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2548 [ 3 ] CVE-2010-2783 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2783 [ 4 ] CVE-2010-3541 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3541 [ 5 ] CVE-2010-3548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3548 [ 6 ] CVE-2010-3549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3549 [ 7 ] CVE-2010-3551 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3551 [ 8 ] CVE-2010-3553 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3553 [ 9 ] CVE-2010-3554 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3554 [ 10 ] CVE-2010-3557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3557 [ 11 ] CVE-2010-3561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3561 [ 12 ] CVE-2010-3562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3562 [ 13 ] CVE-2010-3564 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3564 [ 14 ] CVE-2010-3565 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3565 [ 15 ] CVE-2010-3566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3566 [ 16 ] CVE-2010-3567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3567 [ 17 ] CVE-2010-3568 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3568 [ 18 ] CVE-2010-3569 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3569 [ 19 ] CVE-2010-3573 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3573 [ 20 ] CVE-2010-3574 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3574 [ 21 ] CVE-2010-3860 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3860 [ 22 ] CVE-2010-4351 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4351 [ 23 ] CVE-2010-4448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4448 [ 24 ] CVE-2010-4450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4450 [ 25 ] CVE-2010-4465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4465 [ 26 ] CVE-2010-4467 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4467 [ 27 ] CVE-2010-4469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4469 [ 28 ] CVE-2010-4470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4470 [ 29 ] CVE-2010-4471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4471 [ 30 ] CVE-2010-4472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4472 [ 31 ] CVE-2010-4476 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4476 [ 32 ] CVE-2011-0025 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0025 [ 33 ] CVE-2011-0706 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0706 [ 34 ] CVE-2011-0815 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0815 [ 35 ] CVE-2011-0822 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0822 [ 36 ] CVE-2011-0862 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0862 [ 37 ] CVE-2011-0864 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0864 [ 38 ] CVE-2011-0865 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0865 [ 39 ] CVE-2011-0868 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0868 [ 40 ] CVE-2011-0869 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0869 [ 41 ] CVE-2011-0870 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0870 [ 42 ] CVE-2011-0871 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0871 [ 43 ] CVE-2011-0872 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0872 [ 44 ] CVE-2011-3389 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3389 [ 45 ] CVE-2011-3521 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3521 [ 46 ] CVE-2011-3544 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3544 [ 47 ] CVE-2011-3547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3547 [ 48 ] CVE-2011-3548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3548 [ 49 ] CVE-2011-3551 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3551 [ 50 ] CVE-2011-3552 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3552 [ 51 ] CVE-2011-3553 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3553 [ 52 ] CVE-2011-3554 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3554 [ 53 ] CVE-2011-3556 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3556 [ 54 ] CVE-2011-3557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3557 [ 55 ] CVE-2011-3558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3558 [ 56 ] CVE-2011-3560 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3560 [ 57 ] CVE-2011-3563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563 [ 58 ] CVE-2011-3571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3571 [ 59 ] CVE-2011-5035 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035 [ 60 ] CVE-2012-0497 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497 [ 61 ] CVE-2012-0501 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501 [ 62 ] CVE-2012-0502 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502 [ 63 ] CVE-2012-0503 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503 [ 64 ] CVE-2012-0505 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505 [ 65 ] CVE-2012-0506 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506 [ 66 ] CVE-2012-0547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547 [ 67 ] CVE-2012-1711 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711 [ 68 ] CVE-2012-1713 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713 [ 69 ] CVE-2012-1716 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716 [ 70 ] CVE-2012-1717 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717 [ 71 ] CVE-2012-1718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718 [ 72 ] CVE-2012-1719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719 [ 73 ] CVE-2012-1723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723 [ 74 ] CVE-2012-1724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724 [ 75 ] CVE-2012-1725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725 [ 76 ] CVE-2012-1726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726 [ 77 ] CVE-2012-3216 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216 [ 78 ] CVE-2012-3422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3422 [ 79 ] CVE-2012-3423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3423 [ 80 ] CVE-2012-4416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416 [ 81 ] CVE-2012-4540 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4540 [ 82 ] CVE-2012-5068 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068 [ 83 ] CVE-2012-5069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069 [ 84 ] CVE-2012-5070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070 [ 85 ] CVE-2012-5071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071 [ 86 ] CVE-2012-5072 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072 [ 87 ] CVE-2012-5073 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073 [ 88 ] CVE-2012-5074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074 [ 89 ] CVE-2012-5075 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075 [ 90 ] CVE-2012-5076 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076 [ 91 ] CVE-2012-5077 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077 [ 92 ] CVE-2012-5081 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081 [ 93 ] CVE-2012-5084 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084 [ 94 ] CVE-2012-5085 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085 [ 95 ] CVE-2012-5086 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086 [ 96 ] CVE-2012-5087 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087 [ 97 ] CVE-2012-5089 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089 [ 98 ] CVE-2012-5979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5979 [ 99 ] CVE-2013-0169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169 [ 100 ] CVE-2013-0401 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401 [ 101 ] CVE-2013-0424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0424 [ 102 ] CVE-2013-0425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0425 [ 103 ] CVE-2013-0426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0426 [ 104 ] CVE-2013-0427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0427 [ 105 ] CVE-2013-0428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0428 [ 106 ] CVE-2013-0429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0429 [ 107 ] CVE-2013-0431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0431 [ 108 ] CVE-2013-0432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0432 [ 109 ] CVE-2013-0433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0433 [ 110 ] CVE-2013-0434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0434 [ 111 ] CVE-2013-0435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0435 [ 112 ] CVE-2013-0440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0440 [ 113 ] CVE-2013-0441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0441 [ 114 ] CVE-2013-0442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0442 [ 115 ] CVE-2013-0443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0443 [ 116 ] CVE-2013-0444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0444 [ 117 ] CVE-2013-0450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0450 [ 118 ] CVE-2013-0809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809 [ 119 ] CVE-2013-1475 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1475 [ 120 ] CVE-2013-1476 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1476 [ 121 ] CVE-2013-1478 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1478 [ 122 ] CVE-2013-1480 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1480 [ 123 ] CVE-2013-1484 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484 [ 124 ] CVE-2013-1485 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485 [ 125 ] CVE-2013-1486 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486 [ 126 ] CVE-2013-1488 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488 [ 127 ] CVE-2013-1493 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493 [ 128 ] CVE-2013-1500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500 [ 129 ] CVE-2013-1518 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518 [ 130 ] CVE-2013-1537 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537 [ 131 ] CVE-2013-1557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557 [ 132 ] CVE-2013-1569 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569 [ 133 ] CVE-2013-1571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571 [ 134 ] CVE-2013-2383 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383 [ 135 ] CVE-2013-2384 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384 [ 136 ] CVE-2013-2407 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407 [ 137 ] CVE-2013-2412 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412 [ 138 ] CVE-2013-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415 [ 139 ] CVE-2013-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417 [ 140 ] CVE-2013-2419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419 [ 141 ] CVE-2013-2420 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420 [ 142 ] CVE-2013-2421 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421 [ 143 ] CVE-2013-2422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422 [ 144 ] CVE-2013-2423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423 [ 145 ] CVE-2013-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424 [ 146 ] CVE-2013-2426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426 [ 147 ] CVE-2013-2429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429 [ 148 ] CVE-2013-2430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430 [ 149 ] CVE-2013-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431 [ 150 ] CVE-2013-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436 [ 151 ] CVE-2013-2443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443 [ 152 ] CVE-2013-2444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444 [ 153 ] CVE-2013-2445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445 [ 154 ] CVE-2013-2446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446 [ 155 ] CVE-2013-2447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447 [ 156 ] CVE-2013-2448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448 [ 157 ] CVE-2013-2449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449 [ 158 ] CVE-2013-2450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450 [ 159 ] CVE-2013-2451 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451 [ 160 ] CVE-2013-2452 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452 [ 161 ] CVE-2013-2453 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453 [ 162 ] CVE-2013-2454 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454 [ 163 ] CVE-2013-2455 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455 [ 164 ] CVE-2013-2456 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456 [ 165 ] CVE-2013-2457 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457 [ 166 ] CVE-2013-2458 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458 [ 167 ] CVE-2013-2459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459 [ 168 ] CVE-2013-2460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460 [ 169 ] CVE-2013-2461 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461 [ 170 ] CVE-2013-2463 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463 [ 171 ] CVE-2013-2465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465 [ 172 ] CVE-2013-2469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469 [ 173 ] CVE-2013-2470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470 [ 174 ] CVE-2013-2471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471 [ 175 ] CVE-2013-2472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472 [ 176 ] CVE-2013-2473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473 [ 177 ] CVE-2013-3829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829 [ 178 ] CVE-2013-4002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4002 [ 179 ] CVE-2013-5772 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772 [ 180 ] CVE-2013-5774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774 [ 181 ] CVE-2013-5778 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778 [ 182 ] CVE-2013-5780 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780 [ 183 ] CVE-2013-5782 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782 [ 184 ] CVE-2013-5783 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783 [ 185 ] CVE-2013-5784 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784 [ 186 ] CVE-2013-5790 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790 [ 187 ] CVE-2013-5797 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797 [ 188 ] CVE-2013-5800 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800 [ 189 ] CVE-2013-5802 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802 [ 190 ] CVE-2013-5803 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803 [ 191 ] CVE-2013-5804 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804 [ 192 ] CVE-2013-5805 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805 [ 193 ] CVE-2013-5806 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806 [ 194 ] CVE-2013-5809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809 [ 195 ] CVE-2013-5814 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814 [ 196 ] CVE-2013-5817 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817 [ 197 ] CVE-2013-5820 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820 [ 198 ] CVE-2013-5823 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823 [ 199 ] CVE-2013-5825 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825 [ 200 ] CVE-2013-5829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829 [ 201 ] CVE-2013-5830 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830 [ 202 ] CVE-2013-5840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840 [ 203 ] CVE-2013-5842 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842 [ 204 ] CVE-2013-5849 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849 [ 205 ] CVE-2013-5850 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850 [ 206 ] CVE-2013-5851 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851 [ 207 ] CVE-2013-6629 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6629 [ 208 ] CVE-2013-6954 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6954 [ 209 ] CVE-2014-0429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0429 [ 210 ] CVE-2014-0446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0446 [ 211 ] CVE-2014-0451 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0451 [ 212 ] CVE-2014-0452 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0452 [ 213 ] CVE-2014-0453 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0453 [ 214 ] CVE-2014-0456 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0456 [ 215 ] CVE-2014-0457 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0457 [ 216 ] CVE-2014-0458 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0458 [ 217 ] CVE-2014-0459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0459 [ 218 ] CVE-2014-0460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0460 [ 219 ] CVE-2014-0461 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0461 [ 220 ] CVE-2014-1876 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1876 [ 221 ] CVE-2014-2397 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2397 [ 222 ] CVE-2014-2398 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2398 [ 223 ] CVE-2014-2403 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2403 [ 224 ] CVE-2014-2412 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2412 [ 225 ] CVE-2014-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2414 [ 226 ] CVE-2014-2421 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2421 [ 227 ] CVE-2014-2423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2423 [ 228 ] CVE-2014-2427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2427
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201406-32.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
APPLE-SA-2013-10-15-1 Java for OS X 2013-005 and Mac OS X v10.6 Update 17
Java for OS X 2013-005 and Mac OS X v10.6 Update 17 is now available and addresses the following:
Java Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later Impact: Multiple vulnerabilities in Java 1.6.0_51 Description: 8011782 Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. These issues were addressed by updating to Java version 1.6.0_65. Further information is available via the Java website at ht tp://www.oracle.com/technetwork/java/javase/releasenotes-136954.html CVE-ID CVE-2013-3829 CVE-2013-4002 CVE-2013-5772 CVE-2013-5774 CVE-2013-5776 CVE-2013-5778 CVE-2013-5780 CVE-2013-5782 CVE-2013-5783 CVE-2013-5784 CVE-2013-5787 CVE-2013-5789 CVE-2013-5790 CVE-2013-5797 CVE-2013-5801 CVE-2013-5802 CVE-2013-5803 CVE-2013-5804 CVE-2013-5809 CVE-2013-5812 CVE-2013-5814 CVE-2013-5817 CVE-2013-5818 CVE-2013-5819 CVE-2013-5820 CVE-2013-5823 CVE-2013-5824 CVE-2013-5825 CVE-2013-5829 CVE-2013-5830 CVE-2013-5831 CVE-2013-5832 CVE-2013-5840 CVE-2013-5842 CVE-2013-5843 CVE-2013-5848 CVE-2013-5849 CVE-2013-5850
Java for OS X 2013-005 and Mac OS X v10.6 Update 17 may be obtained from the Software Update pane in System Preferences, Mac App Store, or Apple's Software Downloads web site: http://www.apple.com/support/downloads/
For Mac OS X v10.6 systems The download file is named: JavaForMacOSX10.6update17.dmg Its SHA-1 digest is: 5dfe7eaebf9726352c97964da61d57fa28246c08
For OS X Lion and Mountain Lion systems The download file is named: JavaForOSX2013-005.dmg Its SHA-1 digest is: ce78f9a916b91ec408c933bd0bde5973ca8a2dc4
Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org
iQIcBAEBAgAGBQJSXYc6AAoJEPefwLHPlZEwD8EP/3aN1h4wIM/BjidF3ZY+PXf3 Lzgtb8yAxh03A+J3NJCd3BKmjINXIo9Wwt9aUTktEz4UefvpF+rIsgKSinotvQt0 TmtsYPItFgs83Lj2IFBpCLurM+O0fUhje+mvVzR/KA7kHvrtXYRC5w2plWh32Smm D4Ejh8odeR0IU3OdWV5MJpcRoRpRySX16JOEJc76SIE0+sbOLHZ90rmzyPMB0S2u jZRq8qY3DJS9C5De97gh8F/V76fV8Aiq6RwGPs9m+tJUCJe6XLEy8Wq/G3jlKXyr +KrradRl9Bz5oTUnVDlN9odoOGZ/J4nq4xs0RyN08uETKcw6315+7UTP3B+hD8IM 1YyWeceCd8oHtWlR/02spwaku5ctxiUZpqXQ8DxDH3e8dONBfndfmKGUnywQSFd8 vCgZR0SQgSbhtD/UnNGW9VgJsxKgO4gi17aVD/B9LYmMztsSB+wPkg96uTR6J7yh +ogJqYeOGsMvvQd8XY++ig1bhEsfzzauEWnq3G4WG8E+Fep+5RHZewxnhzakapqW 2z7byXHNXtIP2cxL//DG/x4ed+gAWzKxZyPDPSrltw162mkJk/6mTedtpead4LH8 Ooi4Cf1HMbC9gdRBdtGNWo7EN9kr9rpajuRWjqxT5uTLAgJusKk5UnSO2KJtromy Los4PbyC//yRidZKynqx =I3n5 -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: java-1.7.0-openjdk security update Advisory ID: RHSA-2013:1447-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-1447.html Issue date: 2013-10-21 CVE Names: CVE-2013-3829 CVE-2013-4002 CVE-2013-5772 CVE-2013-5774 CVE-2013-5778 CVE-2013-5780 CVE-2013-5782 CVE-2013-5783 CVE-2013-5784 CVE-2013-5790 CVE-2013-5797 CVE-2013-5800 CVE-2013-5802 CVE-2013-5803 CVE-2013-5804 CVE-2013-5809 CVE-2013-5814 CVE-2013-5817 CVE-2013-5820 CVE-2013-5823 CVE-2013-5825 CVE-2013-5829 CVE-2013-5830 CVE-2013-5838 CVE-2013-5840 CVE-2013-5842 CVE-2013-5849 CVE-2013-5850 CVE-2013-5851 =====================================================================
- Summary:
Updated java-1.7.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 5.
The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux (v. 5 server) - i386, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
- Description:
These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit.
Multiple input checking flaws were found in the 2D component native image parsing code. A specially crafted image file could trigger a Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the privileges of the user running the Java Virtual Machine. (CVE-2013-5782)
The class loader did not properly check the package access for non-public proxy classes. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of the user running the Java Virtual Machine. (CVE-2013-5830)
Multiple improper permission check issues were discovered in the 2D, CORBA, JNDI, and Libraries components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2013-5829, CVE-2013-5814, CVE-2013-5817, CVE-2013-5842, CVE-2013-5850, CVE-2013-5838)
Multiple input checking flaws were discovered in the JPEG image reading and writing code in the 2D component. An untrusted Java application or applet could use these flaws to corrupt the Java Virtual Machine memory and bypass Java sandbox restrictions. (CVE-2013-5809)
The FEATURE_SECURE_PROCESSING setting was not properly honored by the javax.xml.transform package transformers. A remote attacker could use this flaw to supply a crafted XML that would be processed without the intended security restrictions. (CVE-2013-5802)
Multiple errors were discovered in the way the JAXP and Security components processes XML inputs. A remote attacker could create a crafted XML that would cause a Java application to use an excessive amount of CPU and memory when processed. (CVE-2013-5825, CVE-2013-4002, CVE-2013-5823)
Multiple improper permission check issues were discovered in the Libraries, Swing, JAX-WS, JAXP, JGSS, AWT, Beans, and Scripting components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2013-3829, CVE-2013-5840, CVE-2013-5774, CVE-2013-5783, CVE-2013-5820, CVE-2013-5851, CVE-2013-5800, CVE-2013-5849, CVE-2013-5790, CVE-2013-5784)
It was discovered that the 2D component image library did not properly check bounds when performing image conversions. An untrusted Java application or applet could use this flaw to disclose portions of the Java Virtual Machine memory. (CVE-2013-5778)
Multiple input sanitization flaws were discovered in javadoc. When javadoc documentation was generated from an untrusted Java source code and hosted on a domain not controlled by the code author, these issues could make it easier to perform cross-site scripting attacks. (CVE-2013-5804, CVE-2013-5797)
Various OpenJDK classes that represent cryptographic keys could leak private key information by including sensitive data in strings returned by toString() methods. These flaws could possibly lead to an unexpected exposure of sensitive key data. (CVE-2013-5780)
The Java Heap Analysis Tool (jhat) failed to properly escape all data added into the HTML pages it generated. Crafted content in the memory of a Java program analyzed using jhat could possibly be used to conduct cross-site scripting attacks. (CVE-2013-5772)
The Kerberos implementation in OpenJDK did not properly parse KDC responses. A malformed packet could cause a Java application using JGSS to exit. (CVE-2013-5803)
All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258
- Bugs fixed (http://bugzilla.redhat.com/):
1018713 - CVE-2013-5803 OpenJDK: insufficient checks of KDC replies (JGSS, 8014341) 1018717 - CVE-2013-5772 OpenJDK: insufficient html escaping in jhat (jhat, 8011081) 1018720 - CVE-2013-5797 OpenJDK: insufficient escaping of window title string (Javadoc, 8016675) 1018727 - CVE-2013-5784 OpenJDK: insufficient InterfaceImplementor security checks (Scripting, 8017299) 1018736 - CVE-2013-5790 OpenJDK: insufficient security checks (Beans, 8012071) 1018750 - CVE-2013-5849 OpenJDK: insufficient DataFlavor security checks (AWT, 8012277) 1018755 - CVE-2013-5800 OpenJDK: default keytab path information leak (JGSS, 8022931) 1018785 - CVE-2013-5780 OpenJDK: key data leak via toString() methods (Libraries, 8011071) 1018831 - CVE-2013-5840 OpenJDK: getDeclaringClass() information leak (Libraries, 8014349) 1018972 - CVE-2013-5820 OpenJDK: insufficient security checks (JAXWS, 8017505) 1018977 - CVE-2013-5851 OpenJDK: XML stream factory finder information leak (JAXP, 8013502) 1018984 - CVE-2013-5778 OpenJDK: image conversion out of bounds read (2D, 8014102) 1019108 - CVE-2013-5782 OpenJDK: Incorrect awt_getPixelByte/awt_getPixelShort/awt_setPixelByte/awt_setPixelShort image raster checks (2D, 8014093) 1019110 - CVE-2013-5830 OpenJDK: checkPackageAccess missing security check (Libraries, 8017291) 1019113 - CVE-2013-5809 OpenJDK: JPEGImageReader and JPEGImageWriter missing band size checks (2D, 8013510) 1019115 - CVE-2013-5829 OpenJDK: Java2d Disposer security bypass (2D, 8017287) 1019117 - CVE-2013-5814 OpenJDK: RMIConnection stub missing permission check (CORBA, 8011157) 1019118 - CVE-2013-5817 OpenJDK: VersionHelper12 does not honor modifyThreadGroup restriction (JNDI, 8013739) 1019123 - CVE-2013-5842 OpenJDK: ObjectInputStream/ObjectOutputStream missing checks (Libraries, 8014987) 1019127 - CVE-2013-5850 OpenJDK: Missing CORBA security checks (Libraries, 8017196) 1019130 - CVE-2013-5802 OpenJDK: javax.xml.transform.TransformerFactory does not properly honor XMLConstants.FEATURE_SECURE_PROCESSING (JAXP, 8012425) 1019131 - CVE-2013-5804 OpenJDK: javac does not ignore certain ignorable characters (Javadoc, 8016653) 1019133 - CVE-2013-3829 OpenJDK: java.util.TimeZone does not restrict setting of default time zone (Libraries, 8001029) 1019137 - CVE-2013-5783 OpenJDK: JTable not properly performing certain access checks (Swing, 8013744) 1019139 - CVE-2013-5825 OpenJDK: XML parsing Denial of Service (JAXP, 8014530) 1019145 - CVE-2013-5823 OpenJDK: com.sun.org.apache.xml.internal.security.utils.UnsyncByteArrayOutputStream Denial of Service (Security, 8021290) 1019147 - CVE-2013-5774 OpenJDK: Inet6Address class IPv6 address processing errors (Libraries, 8015743) 1019176 - CVE-2013-4002 OpenJDK: XML parsing Denial of Service (JAXP, 8017298) 1019300 - CVE-2013-5838 OpenJDK: Vulnerability in Libraries component (Libraries, 7023639)
- Package List:
Red Hat Enterprise Linux Desktop (v. 5 client):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.45-2.4.3.1.el5_10.src.rpm
i386: java-1.7.0-openjdk-1.7.0.45-2.4.3.1.el5_10.i386.rpm java-1.7.0-openjdk-debuginfo-1.7.0.45-2.4.3.1.el5_10.i386.rpm java-1.7.0-openjdk-demo-1.7.0.45-2.4.3.1.el5_10.i386.rpm java-1.7.0-openjdk-devel-1.7.0.45-2.4.3.1.el5_10.i386.rpm java-1.7.0-openjdk-javadoc-1.7.0.45-2.4.3.1.el5_10.i386.rpm java-1.7.0-openjdk-src-1.7.0.45-2.4.3.1.el5_10.i386.rpm
x86_64: java-1.7.0-openjdk-1.7.0.45-2.4.3.1.el5_10.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.45-2.4.3.1.el5_10.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.45-2.4.3.1.el5_10.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.45-2.4.3.1.el5_10.x86_64.rpm java-1.7.0-openjdk-javadoc-1.7.0.45-2.4.3.1.el5_10.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.45-2.4.3.1.el5_10.x86_64.rpm
Red Hat Enterprise Linux (v. 5 server):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.45-2.4.3.1.el5_10.src.rpm
i386: java-1.7.0-openjdk-1.7.0.45-2.4.3.1.el5_10.i386.rpm java-1.7.0-openjdk-debuginfo-1.7.0.45-2.4.3.1.el5_10.i386.rpm java-1.7.0-openjdk-demo-1.7.0.45-2.4.3.1.el5_10.i386.rpm java-1.7.0-openjdk-devel-1.7.0.45-2.4.3.1.el5_10.i386.rpm java-1.7.0-openjdk-javadoc-1.7.0.45-2.4.3.1.el5_10.i386.rpm java-1.7.0-openjdk-src-1.7.0.45-2.4.3.1.el5_10.i386.rpm
x86_64: java-1.7.0-openjdk-1.7.0.45-2.4.3.1.el5_10.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.45-2.4.3.1.el5_10.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.45-2.4.3.1.el5_10.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.45-2.4.3.1.el5_10.x86_64.rpm java-1.7.0-openjdk-javadoc-1.7.0.45-2.4.3.1.el5_10.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.45-2.4.3.1.el5_10.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2013-3829.html https://www.redhat.com/security/data/cve/CVE-2013-4002.html https://www.redhat.com/security/data/cve/CVE-2013-5772.html https://www.redhat.com/security/data/cve/CVE-2013-5774.html https://www.redhat.com/security/data/cve/CVE-2013-5778.html https://www.redhat.com/security/data/cve/CVE-2013-5780.html https://www.redhat.com/security/data/cve/CVE-2013-5782.html https://www.redhat.com/security/data/cve/CVE-2013-5783.html https://www.redhat.com/security/data/cve/CVE-2013-5784.html https://www.redhat.com/security/data/cve/CVE-2013-5790.html https://www.redhat.com/security/data/cve/CVE-2013-5797.html https://www.redhat.com/security/data/cve/CVE-2013-5800.html https://www.redhat.com/security/data/cve/CVE-2013-5802.html https://www.redhat.com/security/data/cve/CVE-2013-5803.html https://www.redhat.com/security/data/cve/CVE-2013-5804.html https://www.redhat.com/security/data/cve/CVE-2013-5809.html https://www.redhat.com/security/data/cve/CVE-2013-5814.html https://www.redhat.com/security/data/cve/CVE-2013-5817.html https://www.redhat.com/security/data/cve/CVE-2013-5820.html https://www.redhat.com/security/data/cve/CVE-2013-5823.html https://www.redhat.com/security/data/cve/CVE-2013-5825.html https://www.redhat.com/security/data/cve/CVE-2013-5829.html https://www.redhat.com/security/data/cve/CVE-2013-5830.html https://www.redhat.com/security/data/cve/CVE-2013-5838.html https://www.redhat.com/security/data/cve/CVE-2013-5840.html https://www.redhat.com/security/data/cve/CVE-2013-5842.html https://www.redhat.com/security/data/cve/CVE-2013-5849.html https://www.redhat.com/security/data/cve/CVE-2013-5850.html https://www.redhat.com/security/data/cve/CVE-2013-5851.html https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFSZWg6XlSAg2UNWIIRAtrcAJ9Pr8HUGP6KoZuAOmHGz4SotHk0CwCgmOVZ 5FtHw7EpRVvpS7dBLzZEHE0= =QE5j -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . ============================================================================ Ubuntu Security Notice USN-2033-1 November 21, 2013
openjdk-6 vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS
Summary:
Several security issues were fixed in OpenJDK 6. An attacker could exploit these to expose sensitive data over the network. (CVE-2013-3829, CVE-2013-5783, CVE-2013-5804)
Several vulnerabilities were discovered in the OpenJDK JRE related to availability. An attacker could exploit these to cause a denial of service. (CVE-2013-4002, CVE-2013-5803, CVE-2013-5823, CVE-2013-5825)
Several vulnerabilities were discovered in the OpenJDK JRE related to data integrity. An attacker could exploit these to expose sensitive data over the network. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2013-5782, CVE-2013-5802, CVE-2013-5809, CVE-2013-5829, CVE-2013-5814, CVE-2013-5817, CVE-2013-5830, CVE-2013-5842, CVE-2013-5850)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 LTS: icedtea-6-jre-cacao 6b27-1.12.6-1ubuntu0.12.04.4 icedtea-6-jre-jamvm 6b27-1.12.6-1ubuntu0.12.04.4 openjdk-6-jre 6b27-1.12.6-1ubuntu0.12.04.4 openjdk-6-jre-headless 6b27-1.12.6-1ubuntu0.12.04.4 openjdk-6-jre-lib 6b27-1.12.6-1ubuntu0.12.04.4 openjdk-6-jre-zero 6b27-1.12.6-1ubuntu0.12.04.4
Ubuntu 10.04 LTS: icedtea-6-jre-cacao 6b27-1.12.6-1ubuntu0.10.04.4 openjdk-6-jre 6b27-1.12.6-1ubuntu0.10.04.4 openjdk-6-jre-headless 6b27-1.12.6-1ubuntu0.10.04.4 openjdk-6-jre-lib 6b27-1.12.6-1ubuntu0.10.04.4 openjdk-6-jre-zero 6b27-1.12.6-1ubuntu0.10.04.4
This update uses a new upstream release, which includes additional bug fixes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04031205
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04031205 Version: 1
HPSBUX02943 rev.1 - HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2013-12-04 Last Updated: 2013-12-04
Potential Security Impact: Remote unauthorized access, disclosure of information, and other vulnerabilities
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified in the Java Runtime Environment (JRE) and the Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other exploits.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, and B.11.31 running HP JDK and JRE v6.0.20 and earlier.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2013-3829 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2013-4002 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1 CVE-2013-5772 (AV:N/AC:H/Au:N/C:N/I:P/A:N) 2.6 CVE-2013-5774 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-5776 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-5778 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-5780 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2013-5782 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-5783 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2013-5784 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2013-5787 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-5789 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-5790 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2013-5797 (AV:N/AC:M/Au:S/C:N/I:P/A:N) 3.5 CVE-2013-5801 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-5802 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2013-5803 (AV:N/AC:H/Au:N/C:N/I:N/A:P) 2.6 CVE-2013-5804 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2013-5809 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-5812 (AV:N/AC:L/Au:N/C:P/I:N/A:P) 6.4 CVE-2013-5814 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-5817 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-5818 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-5819 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-5820 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-5823 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2013-5824 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-5825 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2013-5829 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-5830 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-5831 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-5840 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-5842 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-5843 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-5848 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-5849 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2013-5852 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following Java version upgrade to resolve these vulnerabilities.
The upgrade is available from the following location: http://www.hp.com/java
OS Version Release Version
HP-UX B.11.11, B.11.23, B.11.31 JDK and JRE v6.0.21 or subsequent
MANUAL ACTIONS: Yes - Update For Java v6.0 update to Java v6.0.21 or subsequent PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
HP-UX B.11.11 HP-UX B.11.23 =========== Jdk60.JDK60-COM Jdk60.JDK60-PA20 Jdk60.JDK60-PA20W Jre60.JRE60-COM Jre60.JRE60-COM-DOC Jre60.JRE60-PA20 Jre60.JRE60-PA20-HS Jre60.JRE60-PA20W Jre60.JRE60-PA20W-HS Jdk60.JDK60-IPF32 Jdk60.JDK60-IPF64 Jre60.JRE60-COM Jre60.JRE60-IPF32 Jre60.JRE60-IPF32-HS Jre60.JRE60-IPF64 Jre60.JRE60-IPF64-HS action: install revision 1.6.0.21.00 or subsequent
HP-UX B.11.23 HP-UX B.11.31 =========== Jdk60.JDK60-COM Jdk60.JDK60-IPF32 Jdk60.JDK60-IPF64 Jre60.JRE60-IPF32 Jre60.JRE60-IPF32-HS Jre60.JRE60-IPF64 Jre60.JRE60-IPF64-HS Jre60.JRE60-COM Jre60.JRE60-IPF32 Jre60.JRE60-IPF32-HS Jre60.JRE60-IPF64 Jre60.JRE60-IPF64-HS action: install revision 1.6.0.21.00 or subsequent
END AFFECTED VERSIONS
HISTORY Version:1 (rev.1) - 4 December 2013 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2013 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.6,
"vendor": "oracle",
"version": "1.5.0"
},
{
"_id": null,
"model": "ucosminexus client",
"scope": "eq",
"trust": 1.5,
"vendor": "hitachi",
"version": "06-70"
},
{
"_id": null,
"model": "cosminexus primary server base",
"scope": "eq",
"trust": 1.5,
"vendor": "hitachi",
"version": "06-50"
},
{
"_id": null,
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 1.5,
"vendor": "hitachi",
"version": "06-70"
},
{
"_id": null,
"model": "cosminexus developer professional version",
"scope": "eq",
"trust": 1.5,
"vendor": "hitachi",
"version": "606-50"
},
{
"_id": null,
"model": "cosminexus application server standard version",
"scope": "eq",
"trust": 1.5,
"vendor": "hitachi",
"version": "606-50"
},
{
"_id": null,
"model": "cosminexus client version",
"scope": "eq",
"trust": 1.5,
"vendor": "hitachi",
"version": "606-50"
},
{
"_id": null,
"model": "cosminexus developer light version",
"scope": "eq",
"trust": 1.5,
"vendor": "hitachi",
"version": "606-50"
},
{
"_id": null,
"model": "cosminexus application server enterprise version",
"scope": "eq",
"trust": 1.5,
"vendor": "hitachi",
"version": "606-50"
},
{
"_id": null,
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 1.5,
"vendor": "hitachi",
"version": "06-70"
},
{
"_id": null,
"model": "cosminexus developer standard version",
"scope": "eq",
"trust": 1.5,
"vendor": "hitachi",
"version": "606-50"
},
{
"_id": null,
"model": "ucosminexus developer standard",
"scope": "eq",
"trust": 1.5,
"vendor": "hitachi",
"version": "06-70"
},
{
"_id": null,
"model": "cosminexus developer standard version",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "606-00"
},
{
"_id": null,
"model": "cosminexus primary server base",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "06-00"
},
{
"_id": null,
"model": "cosminexus application server enterprise version",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "606-00"
},
{
"_id": null,
"model": "cosminexus application server version",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "505-05"
},
{
"_id": null,
"model": "cosminexus developer professional version",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "606-00"
},
{
"_id": null,
"model": "cosminexus application server standard version",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "606-00"
},
{
"_id": null,
"model": "cosminexus developer version",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "505-05"
},
{
"_id": null,
"model": "cosminexus developer light version",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "606-00"
},
{
"_id": null,
"model": "cosminexus studio version",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "505-05"
},
{
"_id": null,
"model": "cosminexus client version",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "606-00"
},
{
"_id": null,
"model": "jrockit",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "r27.7.3"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.6.0"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1.6.0"
},
{
"_id": null,
"model": "jdk",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.5.0"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "jrockit",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "r28.1.3"
},
{
"_id": null,
"model": "jdk",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1.5.0"
},
{
"_id": null,
"model": "jrockit",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "r28.1.4"
},
{
"_id": null,
"model": "jrockit",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "r27.7.5"
},
{
"_id": null,
"model": "jrockit",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "r27.7.6"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.6.0"
},
{
"_id": null,
"model": "jrockit",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "r28.0.1"
},
{
"_id": null,
"model": "jrockit",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "r28.2.4"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.6.0"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.6.0"
},
{
"_id": null,
"model": "jrockit",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "r27.7.4"
},
{
"_id": null,
"model": "jrockit",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "r28.0.2"
},
{
"_id": null,
"model": "jrockit",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "r27.7.2"
},
{
"_id": null,
"model": "jrockit",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "r28.1.1"
},
{
"_id": null,
"model": "jrockit",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "r28.2.8"
},
{
"_id": null,
"model": "jdk",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1.6.0"
},
{
"_id": null,
"model": "jrockit",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "r28.2.3"
},
{
"_id": null,
"model": "jrockit",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "r28.2.2"
},
{
"_id": null,
"model": "jrockit",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "r28.1.5"
},
{
"_id": null,
"model": "jrockit",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "r28.0.0"
},
{
"_id": null,
"model": "jrockit",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "r28.2.5"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "jrockit",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "r27.7.1"
},
{
"_id": null,
"model": "jrockit",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "r28.2.6"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1.5.0"
},
{
"_id": null,
"model": "jrockit",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "r28.1.0"
},
{
"_id": null,
"model": "jre 17",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 1.7.0 8",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "cosminexus developer light version 06-00-/e",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "jdk 1.7.0 21",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 32",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 39",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 16",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 1.6.0 35",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "07-00"
},
{
"_id": null,
"model": "cosminexus developer version",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "505-00"
},
{
"_id": null,
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 1.6.0 03",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 2",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "cosminexus primary server base 06-00-/e",
"scope": null,
"trust": 0.9,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus developer standard )",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "06-70"
},
{
"_id": null,
"model": "jdk 1.5.0 45",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 1.6.0 35",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 11",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 39",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 1.6.0 23",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 60",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 35",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 25",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 32",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "ucosminexus client 06-70-/f",
"scope": null,
"trust": 0.9,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "jre 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 1.5.0 29",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 28",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 11",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 1.5.0 17",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 7",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "ucosminexus client",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "07-00"
},
{
"_id": null,
"model": "ucosminexus developer standard 06-70-/f",
"scope": null,
"trust": 0.9,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 27",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 60",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 03",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 4",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 1.6.0 28",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 26",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 10",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server smart edition",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "07-00"
},
{
"_id": null,
"model": "jre 1.7.0 10",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 45",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "ucosminexus application server express",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "07-00"
},
{
"_id": null,
"model": "jdk 1.5.0 36",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 1.5.0 23",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 1.5.0 26",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 40",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.7"
},
{
"_id": null,
"model": "jre 1.5.0 29",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 43",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 17",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 31",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 16",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 1.5.0 20",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 30",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 7",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 18",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "cosminexus application server standard version 06-00-/e",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "jdk 0 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 1.5.0 10",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 24",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 27",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 1.5.0 33",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 14",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server standard )",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "06-70"
},
{
"_id": null,
"model": "jdk 1.5.0 24",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 32",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 2",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 25",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 24",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk .0 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 1.7.0 13",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 41",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 28",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 13",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 15",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 9",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 21",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 39",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 15",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 1.6.0 18",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 22",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 32",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 31",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 8",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 21",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 38",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 37",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "ucosminexus client )",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "06-70"
},
{
"_id": null,
"model": "jre 1.6.0 27",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 15",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "cosminexus developer standard version 06-00-/e",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "jre 1.6.0 02",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 30",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 28",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 45",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "cosminexus application server version",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "505-00"
},
{
"_id": null,
"model": "jre 15",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 17",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "cosminexus application server enterprise version 06-00-/e",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "jdk 1.6.0 38",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 51",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 1.6.0 38",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server standard 06-70-/f",
"scope": null,
"trust": 0.9,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 26",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 40",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 26",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 43",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 30",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server standard-r",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "07-00"
},
{
"_id": null,
"model": "jdk 1.5.0 39",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 17",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 18",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 0.9,
"vendor": "oracle",
"version": "1.7"
},
{
"_id": null,
"model": "jre 1.6.0 30",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 02",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 11",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 01",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "ucosminexus application server enterprise )",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "06-70"
},
{
"_id": null,
"model": "jdk 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 1.5.0 12",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 36",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 1.7.0 13",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 13",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 25",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 22",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 1.5.0 35",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 23",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server light",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "07-00"
},
{
"_id": null,
"model": "jdk 1.6.0 20",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 51",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 27",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 12",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 1.5.0 38",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 11",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 4",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 19",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "cosminexus client version 06-00-/e",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus application server enterprise 06-70-/f",
"scope": null,
"trust": 0.9,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 20",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 23",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "cosminexus developer professional version 06-00-/e",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "jdk 1.6.0 22",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 1.6.0 25",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 9",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 18",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 19",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 14",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 33",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 22",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "07-00"
},
{
"_id": null,
"model": "ucosminexus client",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "06-71"
},
{
"_id": null,
"model": "cosminexus developer light version",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-51"
},
{
"_id": null,
"model": "ucosminexus client )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "08-50"
},
{
"_id": null,
"model": "cosminexus developer professional version 06-00-/i",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "jdk 1.7.0 17",
"scope": null,
"trust": 0.6,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "cosminexus developer light version )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-50"
},
{
"_id": null,
"model": "cosminexus developer professional version )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-50"
},
{
"_id": null,
"model": "cosminexus developer standard version 06-50-/c",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "jdk 01-b06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "cosminexus primary server base",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "06-51"
},
{
"_id": null,
"model": "cosminexus application server enterprise version",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-02"
},
{
"_id": null,
"model": "cosminexus client version 06-00-/i",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "cosminexus application server enterprise version )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-00"
},
{
"_id": null,
"model": "cosminexus developer professional version",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-02"
},
{
"_id": null,
"model": "cosminexus application server enterprise version 06-00-/i",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "jre 1.5.0.0 09",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "07-00"
},
{
"_id": null,
"model": "cosminexus developer standard version 06-50-/f",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "cosminexus application server standard version 06-00-/i",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "cosminexus client version )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-50"
},
{
"_id": null,
"model": "cosminexus studio version",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "505-00"
},
{
"_id": null,
"model": "cosminexus studio version 05-05-/i",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "5"
},
{
"_id": null,
"model": "cosminexus primary server base )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "06-50"
},
{
"_id": null,
"model": "cosminexus application server standard version",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-51"
},
{
"_id": null,
"model": "cosminexus application server enterprise version 06-50-/c",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus application server standard-r",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "09-50"
},
{
"_id": null,
"model": "jre 1.7.0 21",
"scope": null,
"trust": 0.6,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk .0 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "cosminexus developer standard version )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-50"
},
{
"_id": null,
"model": "ucosminexus application server express",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "09-50"
},
{
"_id": null,
"model": "cosminexus application server enterprise version 06-50-/f",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "cosminexus developer light version )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-00"
},
{
"_id": null,
"model": "ucosminexus service architect",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "09-50"
},
{
"_id": null,
"model": "jdk 1.5.0 41",
"scope": null,
"trust": 0.6,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "cosminexus primary server base 06-00-/i",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus client version 06-50-/c",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "cosminexus application server standard version 06-50-/f",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "cosminexus developer professional version",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-51"
},
{
"_id": null,
"model": "ucosminexus application server standard-r )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "08-50"
},
{
"_id": null,
"model": "jdk 1.5.0.0 08",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 12",
"scope": null,
"trust": 0.6,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "cosminexus application server standard version 06-50-/c",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "06-71"
},
{
"_id": null,
"model": "cosminexus application server enterprise version )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-50"
},
{
"_id": null,
"model": "cosminexus developer standard version",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-51"
},
{
"_id": null,
"model": "cosminexus client version 06-50-/f",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus application server express )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "08-50"
},
{
"_id": null,
"model": "cosminexus application server enterprise version",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-51"
},
{
"_id": null,
"model": "cosminexus developer standard version )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-00"
},
{
"_id": null,
"model": "cosminexus primary server base )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "06-00"
},
{
"_id": null,
"model": "cosminexus application server version 05-05-/i",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "5"
},
{
"_id": null,
"model": "jdk .0 03",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 1.5.0 12",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "cosminexus application server standard version )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-50"
},
{
"_id": null,
"model": "cosminexus developer light version 06-50-/c",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus primary server base",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "09-50"
},
{
"_id": null,
"model": "cosminexus client version",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-51"
},
{
"_id": null,
"model": "jre 1.6.0 2",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "cosminexus primary server base 06-50-/c",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "jdk 07-b03",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "06-71"
},
{
"_id": null,
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "09-50"
},
{
"_id": null,
"model": "cosminexus client version",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-02"
},
{
"_id": null,
"model": "cosminexus developer standard version",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-02"
},
{
"_id": null,
"model": "cosminexus primary server base 06-50-/f",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0.0 08",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 45",
"scope": null,
"trust": 0.6,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0.0 12",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "cosminexus developer professional version 06-50-/c",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "cosminexus developer professional version 06-50-/f",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "cosminexus developer professional version )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-00"
},
{
"_id": null,
"model": "cosminexus application server standard version )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-00"
},
{
"_id": null,
"model": "ucosminexus client",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "09-50"
},
{
"_id": null,
"model": "cosminexus developer version 05-05-/i",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "5"
},
{
"_id": null,
"model": "cosminexus developer light version",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-02"
},
{
"_id": null,
"model": "cosminexus client version )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-00"
},
{
"_id": null,
"model": "ucosminexus application server light )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "08-50"
},
{
"_id": null,
"model": "cosminexus primary server base",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "06-02"
},
{
"_id": null,
"model": "jdk 1.5.0.0 09",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "ucosminexus developer standard",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "06-71"
},
{
"_id": null,
"model": "cosminexus developer standard version 06-00-/i",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "cosminexus application server standard version",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "606-02"
},
{
"_id": null,
"model": "jdk 1.5.0.0 11",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 11-b03",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "cosminexus developer light version 06-00-/i",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "cosminexus developer light version 06-50-/f",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus application server light",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "09-50"
},
{
"_id": null,
"model": "ucosminexus application server enterprise )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "08-50"
},
{
"_id": null,
"model": "jre 1.5.0.0 07",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 01",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 20",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server light (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-00"
},
{
"_id": null,
"model": "cosminexus application server enterprise version 06-51-/b",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus application server standard )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "cosminexus application server standard version 06-51-/n",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus application server light )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.4"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2.0"
},
{
"_id": null,
"model": "cosminexus developer standard version 06-51-/n",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.47"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2.6"
},
{
"_id": null,
"model": "tivoli endpoint manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1"
},
{
"_id": null,
"model": "cosminexus developer standard version 06-51-/b",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.32"
},
{
"_id": null,
"model": "tivoli endpoint manager for remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.1"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.43"
},
{
"_id": null,
"model": "linux enterprise server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "cosminexus application server standard version 06-02-/g",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-72"
},
{
"_id": null,
"model": "cosminexus developer standard version 06-02-/g",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "tivoli policy driven software distribution",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.4"
},
{
"_id": null,
"model": "ucosminexus client",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.4"
},
{
"_id": null,
"model": "ucosminexus service platform )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-50"
},
{
"_id": null,
"model": "cosminexus application server enterprise version 06-51-/e",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "lotus notes fp5",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "ucosminexus application server enterprise 06-71-/m",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.14"
},
{
"_id": null,
"model": "jdk 1.5.0 11",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "ucosminexus developer standard 06-71-/i",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus developer light version )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "606-51"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2.4"
},
{
"_id": null,
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "jrockit r28.0.0",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server standard )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-50"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2.3"
},
{
"_id": null,
"model": "aura communication manager utility services sp",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.16.1.0.9.8"
},
{
"_id": null,
"model": "network satellite server (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6)5.4"
},
{
"_id": null,
"model": "jdk 1.5.0.0 06",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1.4"
},
{
"_id": null,
"model": "cosminexus application server version 05-00-/e",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "56001"
},
{
"_id": null,
"model": "cosminexus client version 06-02-/f",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "epolicy orchestrator",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "5.1"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2"
},
{
"_id": null,
"model": "ucosminexus application server enterprise )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"_id": null,
"model": "cosminexus application server enterprise version 06-02-/d",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "jrockit r28.1.1",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "jrockit r28.2.1",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.6"
},
{
"_id": null,
"model": "ucosminexus application server enterprise )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-20"
},
{
"_id": null,
"model": "java sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6"
},
{
"_id": null,
"model": "cosminexus developer version 05-05-/o",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"_id": null,
"model": "enterprise linux hpc node optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "lotus domino fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.35"
},
{
"_id": null,
"model": "ucosminexus developer standard 06-71-/m",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.9.3"
},
{
"_id": null,
"model": "jdk 1.5.0 11-b03",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "cosminexus client version )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "606-51"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2.5"
},
{
"_id": null,
"model": "cosminexus developer professional version 06-00-/b",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "nonstop server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "vcenter server update1",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.4"
},
{
"_id": null,
"model": "powersc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "cosminexus developer light version 06-02-/d",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "cosminexus developer standard version 06-02-/f",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "update manager update",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.51"
},
{
"_id": null,
"model": "ucosminexus service platform )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"_id": null,
"model": "cosminexus developer light version 06-50-/e",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus service architect",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"_id": null,
"model": "tivoli storage productivity center fp3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2"
},
{
"_id": null,
"model": "ucosminexus client 06-70-/p",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6.5"
},
{
"_id": null,
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"_id": null,
"model": "cosminexus primary server base )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-02"
},
{
"_id": null,
"model": "linux enterprise server sp4 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.3"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"_id": null,
"model": "lotus domino fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.33"
},
{
"_id": null,
"model": "ucosminexus application server standard 06-70-/p",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server light )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-50"
},
{
"_id": null,
"model": "ucosminexus developer standard 06-70-/e",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server standard-r",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"_id": null,
"model": "cosminexus primary server base 06-51-/e",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus application server version 05-00-/i",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5"
},
{
"_id": null,
"model": "ucosminexus client 06-70-/e",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 08",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "cosminexus developer light version 06-51-/b",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus application server express",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"_id": null,
"model": "ucosminexus application server enterprise 06-70-/a (windows(ip",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus developer standard version )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "606-51"
},
{
"_id": null,
"model": "cosminexus application server enterprise version 06-50-/i",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "cosminexus application server standard version 06-02-/f",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus application server standard-r )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "56002"
},
{
"_id": null,
"model": "ucosminexus application server smart edition )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-20"
},
{
"_id": null,
"model": "cms r17ac.g",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server express )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"_id": null,
"model": "cosminexus developer standard version 06-00-/b",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.0.9.8"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.24"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.5"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.2"
},
{
"_id": null,
"model": "ucosminexus application server enterprise 06-70-/e",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "lotus domino 8.5.3fp1",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "cms r17ac.h",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "ucosminexus service architect",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"_id": null,
"model": "lotus notes fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2"
},
{
"_id": null,
"model": "cosminexus application server version",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "505-01"
},
{
"_id": null,
"model": "linux enterprise server sp2 for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "lotus domino fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.12"
},
{
"_id": null,
"model": "ucosminexus developer professional",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"_id": null,
"model": "trio tview software",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "3.27.0"
},
{
"_id": null,
"model": "mac os update",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.617"
},
{
"_id": null,
"model": "jrockit r27.6.0-50",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.5.015"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7"
},
{
"_id": null,
"model": "jdk 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "cosminexus developer version 05-00-/e",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5"
},
{
"_id": null,
"model": "lotus domino fp3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2"
},
{
"_id": null,
"model": "ucosminexus operator",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"_id": null,
"model": "jrockit r27.7.3",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jrockit r27.6.5",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "linux enterprise software development kit sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "ucosminexus application server enterprise (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "cosminexus client version 06-50-/e",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.1"
},
{
"_id": null,
"model": "tivoli endpoint manager for remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"_id": null,
"model": "lotus domino fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2"
},
{
"_id": null,
"model": "enterprise linux server eus 6.5.z",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1"
},
{
"_id": null,
"model": "ucosminexus developer standard 06-70-/q",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "lotus notes fp6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.0.3"
},
{
"_id": null,
"model": "ucosminexus application server standard-r (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"_id": null,
"model": "lotus expeditor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.2"
},
{
"_id": null,
"model": "ucosminexus application server light",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"_id": null,
"model": "network satellite server (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5)5.4"
},
{
"_id": null,
"model": "ucosminexus application server standard 06-70-/q",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "linux enterprise server sp3 for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "ucosminexus application server light",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"_id": null,
"model": "cosminexus developer light version 06-51-/n",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus application server standard 06-70-/e",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "java sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7"
},
{
"_id": null,
"model": "cosminexus developer light version 06-02-/g",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "os/400 v6r1m0",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0.0 04",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "ucosminexus developer professional",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-71"
},
{
"_id": null,
"model": "cosminexus developer professional version )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "606-51"
},
{
"_id": null,
"model": "epolicy orchestrator",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.7"
},
{
"_id": null,
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"_id": null,
"model": "ucosminexus application server standard )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-20"
},
{
"_id": null,
"model": "jrockit r27.7.1",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.3.6"
},
{
"_id": null,
"model": "cosminexus primary server base 06-00-/b",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "linux enterprise server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-50"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.3.5"
},
{
"_id": null,
"model": "ucosminexus application server standard-r",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1.0"
},
{
"_id": null,
"model": "ucosminexus client 06-70-/q",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"_id": null,
"model": "jdk 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "cosminexus primary server base )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-51"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.2"
},
{
"_id": null,
"model": "ucosminexus application server smart edition )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.8.3"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2.3"
},
{
"_id": null,
"model": "ucosminexus application server standard 06-70-/a (windows(ip",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "jrockit r28.0.1",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.3"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.3"
},
{
"_id": null,
"model": "cosminexus application server version 05-00-/s",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5"
},
{
"_id": null,
"model": "cosminexus application server standard version )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "606-51"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"_id": null,
"model": "cosminexus primary server base 06-02-/g",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2.2"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2.1"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2.4"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus application server enterprise 06-70-/q",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"_id": null,
"model": "ucosminexus developer light",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-71"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.19"
},
{
"_id": null,
"model": "jrockit r27.6.7",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jrockit r27.6.0",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2.1"
},
{
"_id": null,
"model": "cosminexus studio version",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "505-01"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.1"
},
{
"_id": null,
"model": "jre 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6)5.6"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.10"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "13.10"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.11"
},
{
"_id": null,
"model": "ucosminexus client 06-71-/m",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus developer professional version 06-51-/b",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "linux enterprise java sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2143"
},
{
"_id": null,
"model": "cosminexus developer standard version 06-51-/e",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus application server enterprise 06-70-/i",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.3"
},
{
"_id": null,
"model": "aura conferencing sp1 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "cosminexus developer light version 06-51-/e",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"_id": null,
"model": "ucosminexus application server express )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"_id": null,
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1.1"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "560010.1"
},
{
"_id": null,
"model": "ucosminexus application server express (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2.170"
},
{
"_id": null,
"model": "cosminexus primary server base 06-50-/i",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.3.4"
},
{
"_id": null,
"model": "enterprise linux desktop optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus client )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"_id": null,
"model": "enterprise linux hpc node supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.5"
},
{
"_id": null,
"model": "lotus notes fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.35"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.32"
},
{
"_id": null,
"model": "ucosminexus developer professional 06-70-/f",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "linux enterprise software development kit sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.13"
},
{
"_id": null,
"model": "cosminexus application server standard version 06-00-/b",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus application server light )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-20"
},
{
"_id": null,
"model": "jdk 0 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "ucosminexus application server enterprise )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"_id": null,
"model": "core",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"_id": null,
"model": "cosminexus application server enterprise version )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "606-02"
},
{
"_id": null,
"model": "aura conferencing standard",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2.3"
},
{
"_id": null,
"model": "jrockit r28.2.2",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server standard-r )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-50"
},
{
"_id": null,
"model": "cosminexus primary server base 06-02-/f",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus application server version 05-05-/r",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.029"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.1"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.3"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.31"
},
{
"_id": null,
"model": "ucosminexus client 06-70-/i",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus developer standard 06-72-/d",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "trio tview software",
"scope": "ne",
"trust": 0.3,
"vendor": "schneider electric",
"version": "3.29.0"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2.2"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.1"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.0"
},
{
"_id": null,
"model": "ucosminexus application server standard (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-00"
},
{
"_id": null,
"model": "lotus notes fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.33"
},
{
"_id": null,
"model": "ucosminexus developer standard 06-70-/p",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus client 06-71-/i",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus studio version 05-05-/o",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5"
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"_id": null,
"model": "cosminexus studio version 05-05-/r",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5"
},
{
"_id": null,
"model": "ucosminexus primary server base )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"_id": null,
"model": "jrockit r27.7.4",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "cosminexus studio version 05-00-/s",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.2"
},
{
"_id": null,
"model": "ucosminexus application server light )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"_id": null,
"model": "ucosminexus application server light (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"_id": null,
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "5.0"
},
{
"_id": null,
"model": "lotus notes fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.32"
},
{
"_id": null,
"model": "cosminexus client version 06-02-/g",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.27"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2.1"
},
{
"_id": null,
"model": "ucosminexus service platform )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-50"
},
{
"_id": null,
"model": "cosminexus studio version 05-01-/l",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5"
},
{
"_id": null,
"model": "ucosminexus application server standard 06-71-/i",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server light )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"_id": null,
"model": "cosminexus developer version 05-00-/i",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5"
},
{
"_id": null,
"model": "ucosminexus developer professional",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-70"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.7"
},
{
"_id": null,
"model": "lotus domino 8.5.1fp5",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "13.04"
},
{
"_id": null,
"model": "suse core for",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9x86"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.4"
},
{
"_id": null,
"model": "jrockit r27.1.0",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "cosminexus client version 06-50-/b",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "lotus expeditor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.3"
},
{
"_id": null,
"model": "enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.18"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.1"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"_id": null,
"model": "jrockit r28.1.4",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2.2"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "56009.7"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus client",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"_id": null,
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.1.185"
},
{
"_id": null,
"model": "jrockit r27.6.6",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.4"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2"
},
{
"_id": null,
"model": "ucosminexus application server enterprise )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"_id": null,
"model": "cosminexus client version 06-00-/b",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "jrockit r27.6.8",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1.2"
},
{
"_id": null,
"model": "cosminexus primary server base 06-50-/e",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "cosminexus developer professional version 06-51-/n",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.1"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.45"
},
{
"_id": null,
"model": "ucosminexus developer light 06-70-/f",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "tivoli endpoint manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.17"
},
{
"_id": null,
"model": "cosminexus developer light version )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "606-02"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.2"
},
{
"_id": null,
"model": "cosminexus developer standard version 06-50-/b",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.12"
},
{
"_id": null,
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "cosminexus application server enterprise version 06-02-/f",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "jre beta",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "java sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.2"
},
{
"_id": null,
"model": "cosminexus application server enterprise version 06-00-/b",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "websphere real time sr6",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.1"
},
{
"_id": null,
"model": "jrockit r28.2.3",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jrockit r27.6.4",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "cosminexus developer standard version 06-50-/e",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "cosminexus primary server base 06-50-/b",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus developer standard version 06-02-/d",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.31"
},
{
"_id": null,
"model": "ucosminexus client )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"_id": null,
"model": "vcenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"_id": null,
"model": "cosminexus application server version 05-05-/o",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"_id": null,
"model": "i5/os v6r1m0",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "cosminexus application server enterprise version 06-50-/e",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "jrockit r27.7.6",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2.3"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"_id": null,
"model": "ucosminexus client",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-72"
},
{
"_id": null,
"model": "enterprise linux workstation optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus developer light",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-70"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.02"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2"
},
{
"_id": null,
"model": "ucosminexus service architect )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"_id": null,
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-72"
},
{
"_id": null,
"model": "ucosminexus developer standard",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"_id": null,
"model": "jrockit r28.2.6",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "cosminexus client version )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "606-02"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.11"
},
{
"_id": null,
"model": "cosminexus application server enterprise version 06-50-/b",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "java sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.4"
},
{
"_id": null,
"model": "cosminexus developer light version 06-02-/f",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus application server express )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-20"
},
{
"_id": null,
"model": "ucosminexus service architect )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-50"
},
{
"_id": null,
"model": "jdk 0 09",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2.2"
},
{
"_id": null,
"model": "jrockit r27.7.2",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "cosminexus application server version 05-01-/l",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5"
},
{
"_id": null,
"model": "ucosminexus application server standard )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"_id": null,
"model": "cosminexus primary server base 06-51-/b",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "enterprise linux server optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "cosminexus application server standard version 06-51-/e",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "websphere real time sr5",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.5"
},
{
"_id": null,
"model": "lotus domino fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.34"
},
{
"_id": null,
"model": "lotus expeditor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.1"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1.0.9"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "cosminexus application server standard version 06-50-/i",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "cosminexus developer professional version 06-02-/d",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus application server standard-r )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-20"
},
{
"_id": null,
"model": "cosminexus developer version 05-05-/r",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5"
},
{
"_id": null,
"model": "aura system platform sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "jdk 1.6.0 01-b06",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "lotus notes fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.34"
},
{
"_id": null,
"model": "aura system platform sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.3.0"
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0.0 03",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.1"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "cosminexus developer standard version )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "606-02"
},
{
"_id": null,
"model": "tivoli provisioning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"_id": null,
"model": "ucosminexus application server enterprise (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-00"
},
{
"_id": null,
"model": "ucosminexus application server express )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"_id": null,
"model": "cosminexus application server standard version 06-02-/d",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "lotus domino fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.25"
},
{
"_id": null,
"model": "os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x2013-005"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.17"
},
{
"_id": null,
"model": "lotus domino fp4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2"
},
{
"_id": null,
"model": "ucosminexus application server standard-r (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-00"
},
{
"_id": null,
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"_id": null,
"model": "cosminexus developer version 05-00-/s",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5"
},
{
"_id": null,
"model": "ucosminexus application server smart edition )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-50"
},
{
"_id": null,
"model": "jrockit r28.2.8",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.10"
},
{
"_id": null,
"model": "jrockit r27.6.2",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "cosminexus developer professional version 06-02-/f",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "cosminexus developer standard version 06-50-/i",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "aura system platform sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "cosminexus application server standard version 06-50-/e",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "linux enterprise java sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.13"
},
{
"_id": null,
"model": "ucosminexus developer standard 06-70-/i",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.5"
},
{
"_id": null,
"model": "ucosminexus application server standard-r )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"_id": null,
"model": "jrockit r28.2.4",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server smart edition (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-00"
},
{
"_id": null,
"model": "lotus domino 8.5fp1",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2.143"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2.0"
},
{
"_id": null,
"model": "jrockit r27.6.9",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"_id": null,
"model": "ucosminexus primary server base )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-50"
},
{
"_id": null,
"model": "ucosminexus application server enterprise 06-70-/p",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "jrockit r27.6.3",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server smart edition",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.3.3"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.0"
},
{
"_id": null,
"model": "cosminexus application server enterprise version 06-51-/n",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "tivoli storage productivity center fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.14"
},
{
"_id": null,
"model": "linux enterprise server sp3 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "ucosminexus primary server base",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"_id": null,
"model": "network satellite server (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6)5.5"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.4"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.0"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.4.0.15"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.1"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1"
},
{
"_id": null,
"model": "network satellite server (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5)5.5"
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2.177"
},
{
"_id": null,
"model": "ucosminexus developer standard",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-72"
},
{
"_id": null,
"model": "jre 1.5.0 09",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "cosminexus developer version 05-01-/l",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5"
},
{
"_id": null,
"model": "cosminexus developer professional version 06-50-/b",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.5.0.15"
},
{
"_id": null,
"model": "jrockit r27.7.5",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "cosminexus developer professional version )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "606-02"
},
{
"_id": null,
"model": "cosminexus client version 06-51-/n",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.0"
},
{
"_id": null,
"model": "cosminexus application server enterprise version 06-02-/g",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "56003"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1"
},
{
"_id": null,
"model": "ucosminexus application server enterprise 06-72-/d",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.01"
},
{
"_id": null,
"model": "ucosminexus application server express )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-50"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.12"
},
{
"_id": null,
"model": "ucosminexus application server enterprise 06-71-/i",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0"
},
{
"_id": null,
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"_id": null,
"model": "cosminexus developer professional version 06-50-/i",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"_id": null,
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1x8664"
},
{
"_id": null,
"model": "cosminexus client version 06-51-/e",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.3"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2.0"
},
{
"_id": null,
"model": "jrockit r28.1.3",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "cosminexus developer light version 06-50-/i",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.1"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "cosminexus studio version 05-00-/e",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5"
},
{
"_id": null,
"model": "cosminexus developer professional version 06-51-/e",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "cosminexus developer light version 06-00-/b",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus client 06-70-/a (windows(ip",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "lotus domino fp4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.5"
},
{
"_id": null,
"model": "cosminexus developer professional version 06-50-/e",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.3.4"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.3.5"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.145"
},
{
"_id": null,
"model": "java se embedded 7u40",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.3"
},
{
"_id": null,
"model": "cosminexus primary server base 06-51-/n",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.3.3"
},
{
"_id": null,
"model": "ucosminexus developer standard 06-70-/a (windows(ip",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server express (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-00"
},
{
"_id": null,
"model": "cosminexus application server standard version )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "606-02"
},
{
"_id": null,
"model": "cosminexus client version 06-50-/i",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.4"
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"_id": null,
"model": "ucosminexus application server express",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"_id": null,
"model": "ucosminexus client )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-50"
},
{
"_id": null,
"model": "linux enterprise server sp1 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "5"
},
{
"_id": null,
"model": "ucosminexus application server standard 06-72-/d",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.2"
},
{
"_id": null,
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.1"
},
{
"_id": null,
"model": "jrockit r28.2.7",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "cosminexus application server standard version 06-51-/b",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2.4"
},
{
"_id": null,
"model": "jdk 1.5.0 07-b03",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "cosminexus application server enterprise version )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "606-51"
},
{
"_id": null,
"model": "satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5)5.6"
},
{
"_id": null,
"model": "cosminexus application server standard version 06-50-/b",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2.145"
},
{
"_id": null,
"model": "ucosminexus application server standard-r )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"_id": null,
"model": "ucosminexus client 06-72-/d",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus developer professional version 06-02-/g",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "cosminexus developer light version 06-50-/b",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "cosminexus client version 06-02-/d",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "cosminexus developer version",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "505-01"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.4"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1.0"
},
{
"_id": null,
"model": "jrockit r28.2.5",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "cosminexus client version 06-51-/b",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus application server smart edition )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"_id": null,
"model": "cosminexus primary server base 06-02-/d",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.010"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.2"
}
],
"sources": [
{
"db": "BID",
"id": "63103"
},
{
"db": "CNNVD",
"id": "CNNVD-201310-362"
},
{
"db": "NVD",
"id": "CVE-2013-5782"
}
]
},
"credits": {
"_id": null,
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "123941"
},
{
"db": "PACKETSTORM",
"id": "123647"
},
{
"db": "PACKETSTORM",
"id": "126195"
},
{
"db": "PACKETSTORM",
"id": "123689"
}
],
"trust": 0.4
},
"cve": "CVE-2013-5782",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2013-5782",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-5782",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201310-362",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2013-5782",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2013-5782"
},
{
"db": "CNNVD",
"id": "CNNVD-201310-362"
},
{
"db": "NVD",
"id": "CVE-2013-5782"
}
]
},
"description": {
"_id": null,
"data": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. \nThe vulnerability can be exploited over multiple protocols. This issue affects the \u00272D\u0027 sub-component. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201406-32\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: IcedTea JDK: Multiple vulnerabilities\n Date: June 29, 2014\n Bugs: #312297, #330205, #340819, #346799, #352035, #353418,\n #354231, #355127, #370787, #387637, #404095, #421031,\n #429522, #433389, #438750, #442478, #457206, #458410,\n #461714, #466822, #477210, #489570, #508270\n ID: 201406-32\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in the IcedTea JDK, the worst\nof which could lead to arbitrary code execution. \n\nBackground\n==========\n\nIcedTea is a distribution of the Java OpenJDK source code built with\nfree build tools. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-java/icedtea-bin \u003c 6.1.13.3 \u003e= 6.1.13.3 \n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in the IcedTea JDK. \nPlease review the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll IcedTea JDK users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-java/icedtea-bin-6.1.13.3\"\n\nReferences\n==========\n\n[ 1 ] CVE-2009-3555\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3555\n[ 2 ] CVE-2010-2548\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2548\n[ 3 ] CVE-2010-2783\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2783\n[ 4 ] CVE-2010-3541\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3541\n[ 5 ] CVE-2010-3548\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3548\n[ 6 ] CVE-2010-3549\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3549\n[ 7 ] CVE-2010-3551\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3551\n[ 8 ] CVE-2010-3553\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3553\n[ 9 ] CVE-2010-3554\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3554\n[ 10 ] CVE-2010-3557\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3557\n[ 11 ] CVE-2010-3561\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3561\n[ 12 ] CVE-2010-3562\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3562\n[ 13 ] CVE-2010-3564\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3564\n[ 14 ] CVE-2010-3565\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3565\n[ 15 ] CVE-2010-3566\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3566\n[ 16 ] CVE-2010-3567\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3567\n[ 17 ] CVE-2010-3568\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3568\n[ 18 ] CVE-2010-3569\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3569\n[ 19 ] CVE-2010-3573\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3573\n[ 20 ] CVE-2010-3574\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3574\n[ 21 ] CVE-2010-3860\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3860\n[ 22 ] CVE-2010-4351\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4351\n[ 23 ] CVE-2010-4448\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4448\n[ 24 ] CVE-2010-4450\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4450\n[ 25 ] CVE-2010-4465\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4465\n[ 26 ] CVE-2010-4467\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4467\n[ 27 ] CVE-2010-4469\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4469\n[ 28 ] CVE-2010-4470\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4470\n[ 29 ] CVE-2010-4471\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4471\n[ 30 ] CVE-2010-4472\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4472\n[ 31 ] CVE-2010-4476\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4476\n[ 32 ] CVE-2011-0025\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0025\n[ 33 ] CVE-2011-0706\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0706\n[ 34 ] CVE-2011-0815\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0815\n[ 35 ] CVE-2011-0822\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0822\n[ 36 ] CVE-2011-0862\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0862\n[ 37 ] CVE-2011-0864\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0864\n[ 38 ] CVE-2011-0865\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0865\n[ 39 ] CVE-2011-0868\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0868\n[ 40 ] CVE-2011-0869\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0869\n[ 41 ] CVE-2011-0870\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0870\n[ 42 ] CVE-2011-0871\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0871\n[ 43 ] CVE-2011-0872\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0872\n[ 44 ] CVE-2011-3389\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3389\n[ 45 ] CVE-2011-3521\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3521\n[ 46 ] CVE-2011-3544\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3544\n[ 47 ] CVE-2011-3547\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3547\n[ 48 ] CVE-2011-3548\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3548\n[ 49 ] CVE-2011-3551\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3551\n[ 50 ] CVE-2011-3552\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3552\n[ 51 ] CVE-2011-3553\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3553\n[ 52 ] CVE-2011-3554\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3554\n[ 53 ] CVE-2011-3556\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3556\n[ 54 ] CVE-2011-3557\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3557\n[ 55 ] CVE-2011-3558\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3558\n[ 56 ] CVE-2011-3560\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3560\n[ 57 ] CVE-2011-3563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563\n[ 58 ] CVE-2011-3571\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3571\n[ 59 ] CVE-2011-5035\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035\n[ 60 ] CVE-2012-0497\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497\n[ 61 ] CVE-2012-0501\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501\n[ 62 ] CVE-2012-0502\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502\n[ 63 ] CVE-2012-0503\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503\n[ 64 ] CVE-2012-0505\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505\n[ 65 ] CVE-2012-0506\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506\n[ 66 ] CVE-2012-0547\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547\n[ 67 ] CVE-2012-1711\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711\n[ 68 ] CVE-2012-1713\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713\n[ 69 ] CVE-2012-1716\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716\n[ 70 ] CVE-2012-1717\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717\n[ 71 ] CVE-2012-1718\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718\n[ 72 ] CVE-2012-1719\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719\n[ 73 ] CVE-2012-1723\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723\n[ 74 ] CVE-2012-1724\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724\n[ 75 ] CVE-2012-1725\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725\n[ 76 ] CVE-2012-1726\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726\n[ 77 ] CVE-2012-3216\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216\n[ 78 ] CVE-2012-3422\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3422\n[ 79 ] CVE-2012-3423\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3423\n[ 80 ] CVE-2012-4416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416\n[ 81 ] CVE-2012-4540\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4540\n[ 82 ] CVE-2012-5068\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068\n[ 83 ] CVE-2012-5069\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069\n[ 84 ] CVE-2012-5070\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070\n[ 85 ] CVE-2012-5071\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071\n[ 86 ] CVE-2012-5072\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072\n[ 87 ] CVE-2012-5073\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073\n[ 88 ] CVE-2012-5074\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074\n[ 89 ] CVE-2012-5075\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075\n[ 90 ] CVE-2012-5076\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076\n[ 91 ] CVE-2012-5077\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077\n[ 92 ] CVE-2012-5081\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081\n[ 93 ] CVE-2012-5084\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084\n[ 94 ] CVE-2012-5085\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085\n[ 95 ] CVE-2012-5086\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086\n[ 96 ] CVE-2012-5087\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087\n[ 97 ] CVE-2012-5089\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089\n[ 98 ] CVE-2012-5979\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5979\n[ 99 ] CVE-2013-0169\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169\n[ 100 ] CVE-2013-0401\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401\n[ 101 ] CVE-2013-0424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0424\n[ 102 ] CVE-2013-0425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0425\n[ 103 ] CVE-2013-0426\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0426\n[ 104 ] CVE-2013-0427\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0427\n[ 105 ] CVE-2013-0428\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0428\n[ 106 ] CVE-2013-0429\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0429\n[ 107 ] CVE-2013-0431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0431\n[ 108 ] CVE-2013-0432\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0432\n[ 109 ] CVE-2013-0433\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0433\n[ 110 ] CVE-2013-0434\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0434\n[ 111 ] CVE-2013-0435\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0435\n[ 112 ] CVE-2013-0440\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0440\n[ 113 ] CVE-2013-0441\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0441\n[ 114 ] CVE-2013-0442\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0442\n[ 115 ] CVE-2013-0443\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0443\n[ 116 ] CVE-2013-0444\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0444\n[ 117 ] CVE-2013-0450\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0450\n[ 118 ] CVE-2013-0809\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809\n[ 119 ] CVE-2013-1475\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1475\n[ 120 ] CVE-2013-1476\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1476\n[ 121 ] CVE-2013-1478\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1478\n[ 122 ] CVE-2013-1480\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1480\n[ 123 ] CVE-2013-1484\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484\n[ 124 ] CVE-2013-1485\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485\n[ 125 ] CVE-2013-1486\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486\n[ 126 ] CVE-2013-1488\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488\n[ 127 ] CVE-2013-1493\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493\n[ 128 ] CVE-2013-1500\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500\n[ 129 ] CVE-2013-1518\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518\n[ 130 ] CVE-2013-1537\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537\n[ 131 ] CVE-2013-1557\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557\n[ 132 ] CVE-2013-1569\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569\n[ 133 ] CVE-2013-1571\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571\n[ 134 ] CVE-2013-2383\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383\n[ 135 ] CVE-2013-2384\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384\n[ 136 ] CVE-2013-2407\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407\n[ 137 ] CVE-2013-2412\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412\n[ 138 ] CVE-2013-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415\n[ 139 ] CVE-2013-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417\n[ 140 ] CVE-2013-2419\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419\n[ 141 ] CVE-2013-2420\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420\n[ 142 ] CVE-2013-2421\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421\n[ 143 ] CVE-2013-2422\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422\n[ 144 ] CVE-2013-2423\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423\n[ 145 ] CVE-2013-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424\n[ 146 ] CVE-2013-2426\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426\n[ 147 ] CVE-2013-2429\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429\n[ 148 ] CVE-2013-2430\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430\n[ 149 ] CVE-2013-2431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431\n[ 150 ] CVE-2013-2436\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436\n[ 151 ] CVE-2013-2443\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443\n[ 152 ] CVE-2013-2444\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444\n[ 153 ] CVE-2013-2445\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445\n[ 154 ] CVE-2013-2446\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446\n[ 155 ] CVE-2013-2447\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447\n[ 156 ] CVE-2013-2448\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448\n[ 157 ] CVE-2013-2449\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449\n[ 158 ] CVE-2013-2450\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450\n[ 159 ] CVE-2013-2451\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451\n[ 160 ] CVE-2013-2452\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452\n[ 161 ] CVE-2013-2453\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453\n[ 162 ] CVE-2013-2454\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454\n[ 163 ] CVE-2013-2455\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455\n[ 164 ] CVE-2013-2456\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456\n[ 165 ] CVE-2013-2457\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457\n[ 166 ] CVE-2013-2458\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458\n[ 167 ] CVE-2013-2459\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459\n[ 168 ] CVE-2013-2460\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460\n[ 169 ] CVE-2013-2461\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461\n[ 170 ] CVE-2013-2463\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463\n[ 171 ] CVE-2013-2465\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465\n[ 172 ] CVE-2013-2469\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469\n[ 173 ] CVE-2013-2470\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470\n[ 174 ] CVE-2013-2471\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471\n[ 175 ] CVE-2013-2472\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472\n[ 176 ] CVE-2013-2473\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473\n[ 177 ] CVE-2013-3829\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829\n[ 178 ] CVE-2013-4002\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4002\n[ 179 ] CVE-2013-5772\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772\n[ 180 ] CVE-2013-5774\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774\n[ 181 ] CVE-2013-5778\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778\n[ 182 ] CVE-2013-5780\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780\n[ 183 ] CVE-2013-5782\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782\n[ 184 ] CVE-2013-5783\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783\n[ 185 ] CVE-2013-5784\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784\n[ 186 ] CVE-2013-5790\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790\n[ 187 ] CVE-2013-5797\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797\n[ 188 ] CVE-2013-5800\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800\n[ 189 ] CVE-2013-5802\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802\n[ 190 ] CVE-2013-5803\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803\n[ 191 ] CVE-2013-5804\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804\n[ 192 ] CVE-2013-5805\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805\n[ 193 ] CVE-2013-5806\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806\n[ 194 ] CVE-2013-5809\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809\n[ 195 ] CVE-2013-5814\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814\n[ 196 ] CVE-2013-5817\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817\n[ 197 ] CVE-2013-5820\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820\n[ 198 ] CVE-2013-5823\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823\n[ 199 ] CVE-2013-5825\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825\n[ 200 ] CVE-2013-5829\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829\n[ 201 ] CVE-2013-5830\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830\n[ 202 ] CVE-2013-5840\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840\n[ 203 ] CVE-2013-5842\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842\n[ 204 ] CVE-2013-5849\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849\n[ 205 ] CVE-2013-5850\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850\n[ 206 ] CVE-2013-5851\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851\n[ 207 ] CVE-2013-6629\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6629\n[ 208 ] CVE-2013-6954\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6954\n[ 209 ] CVE-2014-0429\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0429\n[ 210 ] CVE-2014-0446\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0446\n[ 211 ] CVE-2014-0451\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0451\n[ 212 ] CVE-2014-0452\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0452\n[ 213 ] CVE-2014-0453\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0453\n[ 214 ] CVE-2014-0456\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0456\n[ 215 ] CVE-2014-0457\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0457\n[ 216 ] CVE-2014-0458\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0458\n[ 217 ] CVE-2014-0459\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0459\n[ 218 ] CVE-2014-0460\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0460\n[ 219 ] CVE-2014-0461\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0461\n[ 220 ] CVE-2014-1876\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1876\n[ 221 ] CVE-2014-2397\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2397\n[ 222 ] CVE-2014-2398\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2398\n[ 223 ] CVE-2014-2403\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2403\n[ 224 ] CVE-2014-2412\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2412\n[ 225 ] CVE-2014-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2414\n[ 226 ] CVE-2014-2421\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2421\n[ 227 ] CVE-2014-2423\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2423\n[ 228 ] CVE-2014-2427\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2427\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201406-32.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2014 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2013-10-15-1 Java for OS X 2013-005 and\nMac OS X v10.6 Update 17\n\nJava for OS X 2013-005 and Mac OS X v10.6 Update 17 is now available\nand addresses the following:\n\nJava\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 or later, OS X Lion Server v10.7 or later,\nOS X Mountain Lion 10.8 or later\nImpact: Multiple vulnerabilities in Java 1.6.0_51\nDescription: 8011782 Multiple vulnerabilities existed in Java\n1.6.0_51, the most serious of which may allow an untrusted Java\napplet to execute arbitrary code outside the Java sandbox. These issues were addressed by updating to Java version\n1.6.0_65. Further information is available via the Java website at ht\ntp://www.oracle.com/technetwork/java/javase/releasenotes-136954.html\nCVE-ID\nCVE-2013-3829\nCVE-2013-4002\nCVE-2013-5772\nCVE-2013-5774\nCVE-2013-5776\nCVE-2013-5778\nCVE-2013-5780\nCVE-2013-5782\nCVE-2013-5783\nCVE-2013-5784\nCVE-2013-5787\nCVE-2013-5789\nCVE-2013-5790\nCVE-2013-5797\nCVE-2013-5801\nCVE-2013-5802\nCVE-2013-5803\nCVE-2013-5804\nCVE-2013-5809\nCVE-2013-5812\nCVE-2013-5814\nCVE-2013-5817\nCVE-2013-5818\nCVE-2013-5819\nCVE-2013-5820\nCVE-2013-5823\nCVE-2013-5824\nCVE-2013-5825\nCVE-2013-5829\nCVE-2013-5830\nCVE-2013-5831\nCVE-2013-5832\nCVE-2013-5840\nCVE-2013-5842\nCVE-2013-5843\nCVE-2013-5848\nCVE-2013-5849\nCVE-2013-5850\n\n\nJava for OS X 2013-005 and Mac OS X v10.6 Update 17\nmay be obtained from the Software Update pane in System Preferences,\nMac App Store, or Apple\u0027s Software Downloads web site:\nhttp://www.apple.com/support/downloads/\n\nFor Mac OS X v10.6 systems\nThe download file is named: JavaForMacOSX10.6update17.dmg\nIts SHA-1 digest is: 5dfe7eaebf9726352c97964da61d57fa28246c08\n\nFor OS X Lion and Mountain Lion systems\nThe download file is named: JavaForOSX2013-005.dmg\nIts SHA-1 digest is: ce78f9a916b91ec408c933bd0bde5973ca8a2dc4\n\n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.17 (Darwin)\nComment: GPGTools - http://gpgtools.org\n\niQIcBAEBAgAGBQJSXYc6AAoJEPefwLHPlZEwD8EP/3aN1h4wIM/BjidF3ZY+PXf3\nLzgtb8yAxh03A+J3NJCd3BKmjINXIo9Wwt9aUTktEz4UefvpF+rIsgKSinotvQt0\nTmtsYPItFgs83Lj2IFBpCLurM+O0fUhje+mvVzR/KA7kHvrtXYRC5w2plWh32Smm\nD4Ejh8odeR0IU3OdWV5MJpcRoRpRySX16JOEJc76SIE0+sbOLHZ90rmzyPMB0S2u\njZRq8qY3DJS9C5De97gh8F/V76fV8Aiq6RwGPs9m+tJUCJe6XLEy8Wq/G3jlKXyr\n+KrradRl9Bz5oTUnVDlN9odoOGZ/J4nq4xs0RyN08uETKcw6315+7UTP3B+hD8IM\n1YyWeceCd8oHtWlR/02spwaku5ctxiUZpqXQ8DxDH3e8dONBfndfmKGUnywQSFd8\nvCgZR0SQgSbhtD/UnNGW9VgJsxKgO4gi17aVD/B9LYmMztsSB+wPkg96uTR6J7yh\n+ogJqYeOGsMvvQd8XY++ig1bhEsfzzauEWnq3G4WG8E+Fep+5RHZewxnhzakapqW\n2z7byXHNXtIP2cxL//DG/x4ed+gAWzKxZyPDPSrltw162mkJk/6mTedtpead4LH8\nOoi4Cf1HMbC9gdRBdtGNWo7EN9kr9rpajuRWjqxT5uTLAgJusKk5UnSO2KJtromy\nLos4PbyC//yRidZKynqx\n=I3n5\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: java-1.7.0-openjdk security update\nAdvisory ID: RHSA-2013:1447-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2013-1447.html\nIssue date: 2013-10-21\nCVE Names: CVE-2013-3829 CVE-2013-4002 CVE-2013-5772 \n CVE-2013-5774 CVE-2013-5778 CVE-2013-5780 \n CVE-2013-5782 CVE-2013-5783 CVE-2013-5784 \n CVE-2013-5790 CVE-2013-5797 CVE-2013-5800 \n CVE-2013-5802 CVE-2013-5803 CVE-2013-5804 \n CVE-2013-5809 CVE-2013-5814 CVE-2013-5817 \n CVE-2013-5820 CVE-2013-5823 CVE-2013-5825 \n CVE-2013-5829 CVE-2013-5830 CVE-2013-5838 \n CVE-2013-5840 CVE-2013-5842 CVE-2013-5849 \n CVE-2013-5850 CVE-2013-5851 \n=====================================================================\n\n1. Summary:\n\nUpdated java-1.7.0-openjdk packages that fix various security issues are\nnow available for Red Hat Enterprise Linux 5. \n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux (v. 5 server) - i386, x86_64\nRed Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64\n\n3. Description:\n\nThese packages provide the OpenJDK 7 Java Runtime Environment and the\nOpenJDK 7 Software Development Kit. \n\nMultiple input checking flaws were found in the 2D component native image\nparsing code. A specially crafted image file could trigger a Java Virtual\nMachine memory corruption and, possibly, lead to arbitrary code execution\nwith the privileges of the user running the Java Virtual Machine. \n(CVE-2013-5782)\n\nThe class loader did not properly check the package access for non-public\nproxy classes. A remote attacker could possibly use this flaw to execute\narbitrary code with the privileges of the user running the Java Virtual\nMachine. (CVE-2013-5830)\n\nMultiple improper permission check issues were discovered in the 2D, CORBA,\nJNDI, and Libraries components in OpenJDK. An untrusted Java application or\napplet could use these flaws to bypass Java sandbox restrictions. \n(CVE-2013-5829, CVE-2013-5814, CVE-2013-5817, CVE-2013-5842, CVE-2013-5850,\nCVE-2013-5838)\n\nMultiple input checking flaws were discovered in the JPEG image reading and\nwriting code in the 2D component. An untrusted Java application or applet\ncould use these flaws to corrupt the Java Virtual Machine memory and bypass\nJava sandbox restrictions. (CVE-2013-5809)\n\nThe FEATURE_SECURE_PROCESSING setting was not properly honored by the\njavax.xml.transform package transformers. A remote attacker could use this\nflaw to supply a crafted XML that would be processed without the intended\nsecurity restrictions. (CVE-2013-5802)\n\nMultiple errors were discovered in the way the JAXP and Security components\nprocesses XML inputs. A remote attacker could create a crafted XML that\nwould cause a Java application to use an excessive amount of CPU and memory\nwhen processed. (CVE-2013-5825, CVE-2013-4002, CVE-2013-5823)\n\nMultiple improper permission check issues were discovered in the Libraries,\nSwing, JAX-WS, JAXP, JGSS, AWT, Beans, and Scripting components in OpenJDK. \nAn untrusted Java application or applet could use these flaws to bypass\ncertain Java sandbox restrictions. (CVE-2013-3829, CVE-2013-5840,\nCVE-2013-5774, CVE-2013-5783, CVE-2013-5820, CVE-2013-5851, CVE-2013-5800,\nCVE-2013-5849, CVE-2013-5790, CVE-2013-5784)\n\nIt was discovered that the 2D component image library did not properly\ncheck bounds when performing image conversions. An untrusted Java\napplication or applet could use this flaw to disclose portions of the Java\nVirtual Machine memory. (CVE-2013-5778)\n\nMultiple input sanitization flaws were discovered in javadoc. When javadoc\ndocumentation was generated from an untrusted Java source code and hosted\non a domain not controlled by the code author, these issues could make it\neasier to perform cross-site scripting attacks. (CVE-2013-5804,\nCVE-2013-5797)\n\nVarious OpenJDK classes that represent cryptographic keys could leak\nprivate key information by including sensitive data in strings returned by\ntoString() methods. These flaws could possibly lead to an unexpected\nexposure of sensitive key data. (CVE-2013-5780)\n\nThe Java Heap Analysis Tool (jhat) failed to properly escape all data added\ninto the HTML pages it generated. Crafted content in the memory of a Java\nprogram analyzed using jhat could possibly be used to conduct cross-site\nscripting attacks. (CVE-2013-5772)\n\nThe Kerberos implementation in OpenJDK did not properly parse KDC\nresponses. A malformed packet could cause a Java application using JGSS to\nexit. (CVE-2013-5803)\n\nAll users of java-1.7.0-openjdk are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK Java\nmust be restarted for the update to take effect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n1018713 - CVE-2013-5803 OpenJDK: insufficient checks of KDC replies (JGSS, 8014341)\n1018717 - CVE-2013-5772 OpenJDK: insufficient html escaping in jhat (jhat, 8011081)\n1018720 - CVE-2013-5797 OpenJDK: insufficient escaping of window title string (Javadoc, 8016675)\n1018727 - CVE-2013-5784 OpenJDK: insufficient InterfaceImplementor security checks (Scripting, 8017299)\n1018736 - CVE-2013-5790 OpenJDK: insufficient security checks (Beans, 8012071)\n1018750 - CVE-2013-5849 OpenJDK: insufficient DataFlavor security checks (AWT, 8012277)\n1018755 - CVE-2013-5800 OpenJDK: default keytab path information leak (JGSS, 8022931)\n1018785 - CVE-2013-5780 OpenJDK: key data leak via toString() methods (Libraries, 8011071)\n1018831 - CVE-2013-5840 OpenJDK: getDeclaringClass() information leak (Libraries, 8014349)\n1018972 - CVE-2013-5820 OpenJDK: insufficient security checks (JAXWS, 8017505)\n1018977 - CVE-2013-5851 OpenJDK: XML stream factory finder information leak (JAXP, 8013502)\n1018984 - CVE-2013-5778 OpenJDK: image conversion out of bounds read (2D, 8014102)\n1019108 - CVE-2013-5782 OpenJDK: Incorrect awt_getPixelByte/awt_getPixelShort/awt_setPixelByte/awt_setPixelShort image raster checks (2D, 8014093)\n1019110 - CVE-2013-5830 OpenJDK: checkPackageAccess missing security check (Libraries, 8017291)\n1019113 - CVE-2013-5809 OpenJDK: JPEGImageReader and JPEGImageWriter missing band size checks (2D, 8013510)\n1019115 - CVE-2013-5829 OpenJDK: Java2d Disposer security bypass (2D, 8017287)\n1019117 - CVE-2013-5814 OpenJDK: RMIConnection stub missing permission check (CORBA, 8011157)\n1019118 - CVE-2013-5817 OpenJDK: VersionHelper12 does not honor modifyThreadGroup restriction (JNDI, 8013739)\n1019123 - CVE-2013-5842 OpenJDK: ObjectInputStream/ObjectOutputStream missing checks (Libraries, 8014987)\n1019127 - CVE-2013-5850 OpenJDK: Missing CORBA security checks (Libraries, 8017196)\n1019130 - CVE-2013-5802 OpenJDK: javax.xml.transform.TransformerFactory does not properly honor XMLConstants.FEATURE_SECURE_PROCESSING (JAXP, 8012425)\n1019131 - CVE-2013-5804 OpenJDK: javac does not ignore certain ignorable characters (Javadoc, 8016653)\n1019133 - CVE-2013-3829 OpenJDK: java.util.TimeZone does not restrict setting of default time zone (Libraries, 8001029)\n1019137 - CVE-2013-5783 OpenJDK: JTable not properly performing certain access checks (Swing, 8013744)\n1019139 - CVE-2013-5825 OpenJDK: XML parsing Denial of Service (JAXP, 8014530)\n1019145 - CVE-2013-5823 OpenJDK: com.sun.org.apache.xml.internal.security.utils.UnsyncByteArrayOutputStream Denial of Service (Security, 8021290)\n1019147 - CVE-2013-5774 OpenJDK: Inet6Address class IPv6 address processing errors (Libraries, 8015743)\n1019176 - CVE-2013-4002 OpenJDK: XML parsing Denial of Service (JAXP, 8017298)\n1019300 - CVE-2013-5838 OpenJDK: Vulnerability in Libraries component (Libraries, 7023639)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 5 client):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.45-2.4.3.1.el5_10.src.rpm\n\ni386:\njava-1.7.0-openjdk-1.7.0.45-2.4.3.1.el5_10.i386.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.45-2.4.3.1.el5_10.i386.rpm\njava-1.7.0-openjdk-demo-1.7.0.45-2.4.3.1.el5_10.i386.rpm\njava-1.7.0-openjdk-devel-1.7.0.45-2.4.3.1.el5_10.i386.rpm\njava-1.7.0-openjdk-javadoc-1.7.0.45-2.4.3.1.el5_10.i386.rpm\njava-1.7.0-openjdk-src-1.7.0.45-2.4.3.1.el5_10.i386.rpm\n\nx86_64:\njava-1.7.0-openjdk-1.7.0.45-2.4.3.1.el5_10.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.45-2.4.3.1.el5_10.x86_64.rpm\njava-1.7.0-openjdk-demo-1.7.0.45-2.4.3.1.el5_10.x86_64.rpm\njava-1.7.0-openjdk-devel-1.7.0.45-2.4.3.1.el5_10.x86_64.rpm\njava-1.7.0-openjdk-javadoc-1.7.0.45-2.4.3.1.el5_10.x86_64.rpm\njava-1.7.0-openjdk-src-1.7.0.45-2.4.3.1.el5_10.x86_64.rpm\n\nRed Hat Enterprise Linux (v. 5 server):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.45-2.4.3.1.el5_10.src.rpm\n\ni386:\njava-1.7.0-openjdk-1.7.0.45-2.4.3.1.el5_10.i386.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.45-2.4.3.1.el5_10.i386.rpm\njava-1.7.0-openjdk-demo-1.7.0.45-2.4.3.1.el5_10.i386.rpm\njava-1.7.0-openjdk-devel-1.7.0.45-2.4.3.1.el5_10.i386.rpm\njava-1.7.0-openjdk-javadoc-1.7.0.45-2.4.3.1.el5_10.i386.rpm\njava-1.7.0-openjdk-src-1.7.0.45-2.4.3.1.el5_10.i386.rpm\n\nx86_64:\njava-1.7.0-openjdk-1.7.0.45-2.4.3.1.el5_10.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.45-2.4.3.1.el5_10.x86_64.rpm\njava-1.7.0-openjdk-demo-1.7.0.45-2.4.3.1.el5_10.x86_64.rpm\njava-1.7.0-openjdk-devel-1.7.0.45-2.4.3.1.el5_10.x86_64.rpm\njava-1.7.0-openjdk-javadoc-1.7.0.45-2.4.3.1.el5_10.x86_64.rpm\njava-1.7.0-openjdk-src-1.7.0.45-2.4.3.1.el5_10.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2013-3829.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-4002.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5772.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5774.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5778.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5780.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5782.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5783.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5784.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5790.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5797.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5800.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5802.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5803.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5804.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5809.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5814.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5817.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5820.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5823.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5825.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5829.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5830.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5838.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5840.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5842.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5849.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5850.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-5851.html\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2013 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFSZWg6XlSAg2UNWIIRAtrcAJ9Pr8HUGP6KoZuAOmHGz4SotHk0CwCgmOVZ\n5FtHw7EpRVvpS7dBLzZEHE0=\n=QE5j\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. ============================================================================\nUbuntu Security Notice USN-2033-1\nNovember 21, 2013\n\nopenjdk-6 vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.04 LTS\n- Ubuntu 10.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in OpenJDK 6. An attacker could exploit these\nto expose sensitive data over the network. (CVE-2013-3829, CVE-2013-5783,\nCVE-2013-5804)\n\nSeveral vulnerabilities were discovered in the OpenJDK JRE related to\navailability. An attacker could exploit these to cause a denial of service. \n(CVE-2013-4002, CVE-2013-5803, CVE-2013-5823, CVE-2013-5825)\n\nSeveral vulnerabilities were discovered in the OpenJDK JRE related to data\nintegrity. An attacker could exploit these to expose sensitive\ndata over the network. An attacker could\nexploit these to cause a denial of service or expose sensitive data over\nthe network. (CVE-2013-5782, CVE-2013-5802, CVE-2013-5809, CVE-2013-5829,\nCVE-2013-5814, CVE-2013-5817, CVE-2013-5830, CVE-2013-5842, CVE-2013-5850)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 12.04 LTS:\n icedtea-6-jre-cacao 6b27-1.12.6-1ubuntu0.12.04.4\n icedtea-6-jre-jamvm 6b27-1.12.6-1ubuntu0.12.04.4\n openjdk-6-jre 6b27-1.12.6-1ubuntu0.12.04.4\n openjdk-6-jre-headless 6b27-1.12.6-1ubuntu0.12.04.4\n openjdk-6-jre-lib 6b27-1.12.6-1ubuntu0.12.04.4\n openjdk-6-jre-zero 6b27-1.12.6-1ubuntu0.12.04.4\n\nUbuntu 10.04 LTS:\n icedtea-6-jre-cacao 6b27-1.12.6-1ubuntu0.10.04.4\n openjdk-6-jre 6b27-1.12.6-1ubuntu0.10.04.4\n openjdk-6-jre-headless 6b27-1.12.6-1ubuntu0.10.04.4\n openjdk-6-jre-lib 6b27-1.12.6-1ubuntu0.10.04.4\n openjdk-6-jre-zero 6b27-1.12.6-1ubuntu0.10.04.4\n\nThis update uses a new upstream release, which includes additional bug\nfixes. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c04031205\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c04031205\nVersion: 1\n\nHPSBUX02943 rev.1 - HP-UX Running Java6, Remote Unauthorized Access,\nDisclosure of Information, and Other Vulnerabilities\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2013-12-04\nLast Updated: 2013-12-04\n\nPotential Security Impact: Remote unauthorized access, disclosure of\ninformation, and other vulnerabilities\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified in the Java Runtime\nEnvironment (JRE) and the Java Developer Kit (JDK) running on HP-UX. These\nvulnerabilities could allow remote unauthorized access, disclosure of\ninformation, and other exploits. \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, and B.11.31 running HP JDK and JRE v6.0.20 and\nearlier. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2013-3829 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4\nCVE-2013-4002 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1\nCVE-2013-5772 (AV:N/AC:H/Au:N/C:N/I:P/A:N) 2.6\nCVE-2013-5774 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2013-5776 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2013-5778 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2013-5780 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2013-5782 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-5783 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4\nCVE-2013-5784 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2013-5787 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-5789 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-5790 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2013-5797 (AV:N/AC:M/Au:S/C:N/I:P/A:N) 3.5\nCVE-2013-5801 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2013-5802 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2013-5803 (AV:N/AC:H/Au:N/C:N/I:N/A:P) 2.6\nCVE-2013-5804 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4\nCVE-2013-5809 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-5812 (AV:N/AC:L/Au:N/C:P/I:N/A:P) 6.4\nCVE-2013-5814 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-5817 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-5818 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2013-5819 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2013-5820 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2013-5823 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2013-5824 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-5825 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2013-5829 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-5830 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-5831 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2013-5840 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2013-5842 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-5843 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-5848 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2013-5849 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2013-5852 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided the following Java version upgrade to resolve these\nvulnerabilities. \n\nThe upgrade is available from the following location: http://www.hp.com/java\n\nOS Version\n Release Version\n\nHP-UX B.11.11, B.11.23, B.11.31\n JDK and JRE v6.0.21 or subsequent\n\nMANUAL ACTIONS: Yes - Update\nFor Java v6.0 update to Java v6.0.21 or subsequent\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application\nthat replaces HP-UX Security Patch Check. It analyzes all Security Bulletins\nissued by HP and lists recommended actions that may apply to a specific HP-UX\nsystem. It can also download patches and create a depot automatically. For\nmore information see https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS\n\nHP-UX B.11.11\nHP-UX B.11.23\n===========\nJdk60.JDK60-COM\nJdk60.JDK60-PA20\nJdk60.JDK60-PA20W\nJre60.JRE60-COM\nJre60.JRE60-COM-DOC\nJre60.JRE60-PA20\nJre60.JRE60-PA20-HS\nJre60.JRE60-PA20W\nJre60.JRE60-PA20W-HS\nJdk60.JDK60-IPF32\nJdk60.JDK60-IPF64\nJre60.JRE60-COM\nJre60.JRE60-IPF32\nJre60.JRE60-IPF32-HS\nJre60.JRE60-IPF64\nJre60.JRE60-IPF64-HS\naction: install revision 1.6.0.21.00 or subsequent\n\nHP-UX B.11.23\nHP-UX B.11.31\n===========\nJdk60.JDK60-COM\nJdk60.JDK60-IPF32\nJdk60.JDK60-IPF64\nJre60.JRE60-IPF32\nJre60.JRE60-IPF32-HS\nJre60.JRE60-IPF64\nJre60.JRE60-IPF64-HS\nJre60.JRE60-COM\nJre60.JRE60-IPF32\nJre60.JRE60-IPF32-HS\nJre60.JRE60-IPF64\nJre60.JRE60-IPF64-HS\naction: install revision 1.6.0.21.00 or subsequent\n\nEND AFFECTED VERSIONS\n\nHISTORY\nVersion:1 (rev.1) - 4 December 2013 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2013 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits;damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-5782"
},
{
"db": "BID",
"id": "63103"
},
{
"db": "VULMON",
"id": "CVE-2013-5782"
},
{
"db": "PACKETSTORM",
"id": "127267"
},
{
"db": "PACKETSTORM",
"id": "123649"
},
{
"db": "PACKETSTORM",
"id": "123941"
},
{
"db": "PACKETSTORM",
"id": "123647"
},
{
"db": "PACKETSTORM",
"id": "126195"
},
{
"db": "PACKETSTORM",
"id": "123689"
},
{
"db": "PACKETSTORM",
"id": "124143"
},
{
"db": "PACKETSTORM",
"id": "124385"
}
],
"trust": 1.98
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2013-5782",
"trust": 2.8
},
{
"db": "HITACHI",
"id": "HS13-025",
"trust": 2.0
},
{
"db": "BID",
"id": "63103",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "56338",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-201310-362",
"trust": 0.6
},
{
"db": "MCAFEE",
"id": "SB10058",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-17-213-02",
"trust": 0.3
},
{
"db": "VULMON",
"id": "CVE-2013-5782",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127267",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123649",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123941",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123647",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126195",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123689",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "124143",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "124385",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2013-5782"
},
{
"db": "BID",
"id": "63103"
},
{
"db": "PACKETSTORM",
"id": "127267"
},
{
"db": "PACKETSTORM",
"id": "123649"
},
{
"db": "PACKETSTORM",
"id": "123941"
},
{
"db": "PACKETSTORM",
"id": "123647"
},
{
"db": "PACKETSTORM",
"id": "126195"
},
{
"db": "PACKETSTORM",
"id": "123689"
},
{
"db": "PACKETSTORM",
"id": "124143"
},
{
"db": "PACKETSTORM",
"id": "124385"
},
{
"db": "CNNVD",
"id": "CNNVD-201310-362"
},
{
"db": "NVD",
"id": "CVE-2013-5782"
}
]
},
"id": "VAR-201310-0349",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 1.0
},
"last_update_date": "2026-04-10T23:00:38.420000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Oracle Java SE/JRockit/Java SE Embedded 2D Fixes for component security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=192769"
},
{
"title": "Red Hat: CVE-2013-5782",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2013-5782"
},
{
"title": "Red Hat: Important: java-1.5.0-ibm security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20131509 - Security Advisory"
},
{
"title": "Red Hat: Important: java-1.6.0-openjdk security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20131505 - Security Advisory"
},
{
"title": "Red Hat: Important: java-1.7.0-openjdk security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20131447 - Security Advisory"
},
{
"title": "Red Hat: Critical: java-1.7.0-openjdk security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20131451 - Security Advisory"
},
{
"title": "Red Hat: Critical: java-1.6.0-ibm security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20131508 - Security Advisory"
},
{
"title": "Red Hat: Low: Red Hat Network Satellite server IBM Java Runtime security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20131793 - Security Advisory"
},
{
"title": "Red Hat: Critical: java-1.7.0-ibm security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20131507 - Security Advisory"
},
{
"title": "Red Hat: Critical: java-1.7.0-oracle security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20131440 - Security Advisory"
},
{
"title": "Ubuntu Security Notice: openjdk-6 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2033-1"
},
{
"title": "Amazon Linux AMI: ALAS-2013-246",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2013-246"
},
{
"title": "Ubuntu Security Notice: openjdk-7 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2089-1"
},
{
"title": "Amazon Linux AMI: ALAS-2013-235",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2013-235"
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2013/10/16/oracle_quarterly_patch_batch/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/oracle-quarterly-update-includes-patches-for-50-remotely-executable-java-bugs/102596/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2013-5782"
},
{
"db": "CNNVD",
"id": "CNNVD-201310-362"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-5782"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.2,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"trust": 2.0,
"url": "http://support.apple.com/kb/ht5982"
},
{
"trust": 2.0,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hs13-025/index.html"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2013-1440.html"
},
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2013-1447.html"
},
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2013-1507.html"
},
{
"trust": 1.8,
"url": "http://www.ubuntu.com/usn/usn-2033-1"
},
{
"trust": 1.8,
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/63103"
},
{
"trust": 1.7,
"url": "http://rhn.redhat.com/errata/rhsa-2013-1451.html"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2013/oct/msg00001.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"trust": 1.7,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019108"
},
{
"trust": 1.7,
"url": "http://rhn.redhat.com/errata/rhsa-2013-1505.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"trust": 1.7,
"url": "http://rhn.redhat.com/errata/rhsa-2013-1508.html"
},
{
"trust": 1.7,
"url": "http://rhn.redhat.com/errata/rhsa-2013-1793.html"
},
{
"trust": 1.7,
"url": "http://rhn.redhat.com/errata/rhsa-2013-1509.html"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/56338"
},
{
"trust": 1.7,
"url": "http://www.ubuntu.com/usn/usn-2089-1"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a18645"
},
{
"trust": 1.7,
"url": "https://access.redhat.com/errata/rhsa-2014:0414"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5774"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5814"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5782"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5804"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5797"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-3829"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5772"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5780"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5778"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5802"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5783"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5809"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5790"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5784"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5803"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-4002"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5817"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5812"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5801"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5776"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5820"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5789"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5787"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/site/articles/11258"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5817.html"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5797.html"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5782.html"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5802.html"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5803.html"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5778.html"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5823.html"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5783.html"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5780.html"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5850.html"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5842.html"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5849.html"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5840.html"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2013-3829.html"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5772.html"
},
{
"trust": 0.4,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5820.html"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5809.html"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5825.html"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5774.html"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5830.html"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5784.html"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5790.html"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5804.html"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5814.html"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5829.html"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100177048"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/java/index.html"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04031205"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04031212"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-213-02"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04126444"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24036549"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24036518"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21659530"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=isg400001745"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21664964"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1iv53964"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100176223"
},
{
"trust": 0.3,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10058"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21659219"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1iv52145"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21662535"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21670264"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21664002"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21659761"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21659757"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21662428"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655990"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21660039"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/connections/blogs/psirt/entry/security_bulletin_security_vulnerabilities_for_ibm_java_on_aix?lang=en_us"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21664098"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas38fe73318db4e6c8786257c32007ee70b"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas3be721f674cf321ba86257c32007ee712"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24036927"
},
{
"trust": 0.3,
"url": "http://www.vmware.com/security/advisories/vmsa-2014-0002.html"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5825"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5823"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5818"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5800.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5832.html"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5800"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5801.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5818.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5824.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5789.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5812.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5831.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5776.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5848.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5851.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5838.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5819.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5787.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5843.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-4002.html"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5824"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5819"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5788.html"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5788"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5852.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5830"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5840"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5842"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5849"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5850"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://threatpost.com/oracle-quarterly-update-includes-patches-for-50-remotely-executable-java-bugs/102596/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2013-5782"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=31270"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2033-1/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4470"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3574"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3423"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3548"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2469"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0864"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3553"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2443"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1717"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2412"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1716"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0505"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1518"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2419"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3557"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2414"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4450"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3829"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5829"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5804"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1485"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5806"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5087"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2422"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0865"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4471"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5075"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3557"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2426"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3567"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4002"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5084"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1711"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1478"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2461"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5820"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-6954"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2470"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4476"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0547"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4540"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0429"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0441"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2451"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2459"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5823"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2421"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0870"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3554"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0862"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2460"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1713"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0706"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0434"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5784"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3568"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5830"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3561"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5800"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4467"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3567"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2456"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5803"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4465"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4472"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5086"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3556"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0425"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2383"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2423"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2447"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2452"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2445"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2450"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5778"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5780"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5073"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3568"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3548"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1493"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2446"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5069"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-5035"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3541"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3549"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1500"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3571"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0426"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0457"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5850"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2783"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3573"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3552"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0451"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0459"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2423"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1876"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2384"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4469"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0431"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1557"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0458"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2548"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2453"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4448"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3521"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0401"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5085"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2407"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2421"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3564"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2429"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4465"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3569"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2403"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5068"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2548"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0871"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5071"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2398"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0815"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0444"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1475"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0497"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5774"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5782"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3554"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4469"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1725"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5790"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5805"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3564"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5802"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5849"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1719"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3569"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3573"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0461"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2448"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2458"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0427"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3548"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2427"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5825"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0506"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1484"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2430"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3541"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2415"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3549"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0872"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3216"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0429"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1718"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5772"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3860"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3422"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0433"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5074"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3554"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3574"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2454"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2444"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5072"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4470"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4416"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0822"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1537"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3553"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3551"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2449"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0503"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0025"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2457"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1476"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0169"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0809"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5077"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0435"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3544"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0456"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4450"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1723"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1726"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0450"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1571"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4467"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0460"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5081"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3547"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5840"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5851"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2465"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2431"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2473"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-6629"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5783"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4448"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2783"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2463"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3560"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2412"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5809"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1480"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4351"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2420"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0501"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0428"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0869"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2417"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2471"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3551"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5076"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5842"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2397"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0452"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3553"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1569"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1724"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3558"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5797"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5070"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1486"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2472"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0446"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0453"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3860"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1488"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0502"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3561"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0868"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0440"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0443"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3389"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5814"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5817"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4351"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3551"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2455"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3557"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5089"
},
{
"trust": 0.1,
"url": "http://support.apple.com/kb/ht1222"
},
{
"trust": 0.1,
"url": "https://www.oracle.com/technetwork/java/javase/releasenotes-136954.html"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "http://gpgtools.org"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5372"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5457"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5375"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5458.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5372.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5456.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5456"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-4041"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5375.html"
},
{
"trust": 0.1,
"url": "https://www.ibm.com/developerworks/java/jdk/alerts/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-4041.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5458"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5457.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5846.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5775.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5844.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5777.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5854.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5810"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5810.html"
},
{
"trust": 0.1,
"url": "http://www.oracle.com/technetwork/java/javase/7u45-relnotes-2016950.html"
},
{
"trust": 0.1,
"url": "http://www.oracle.com/technetwork/java/javase/7u40-relnotes-2004172.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5777"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5775"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2468.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2456"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0451.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2464"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2455"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0449.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2463.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2446.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5896.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1500.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0452.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2444.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2445.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2454.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2428.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2459"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0428.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1571"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0414.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5910.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0446.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2468"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2448"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2466"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2465"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2446"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2451"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2451.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2450"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5899.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0457.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2442"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2453"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2420.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2469"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2445"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2409.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-6629.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0416.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0453.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-6954.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2456.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-3743.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0403.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1500"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2407.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2470.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0422.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5902.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0368.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5889.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0415.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2437"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2471.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2403.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0375.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2443.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0423.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5878.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2457.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2412.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2407"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2447"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0376.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2443"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2461.html"
},
{
"trust": 0.1,
"url": "http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2452"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0410.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2447.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2452.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2427.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2464.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1571.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2463"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5907.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2465.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2472.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2466.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0373.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0458.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2453.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0411.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0460.html"
},
{
"trust": 0.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2473.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2454"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2437.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2444"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5905.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0417.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0424.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2412.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2398.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2450.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5898.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2457"
},
{
"trust": 0.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2455.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2421.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2459.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2442.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5884.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0461.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2423.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2461"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2414.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5887.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2448.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0418.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5906.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0387.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-1876.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2401.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0456.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2469.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5888.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2412"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0429.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5829"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5838"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openjdk-6/6b27-1.12.6-1ubuntu0.10.04.4"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5851"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openjdk-6/6b27-1.12.6-1ubuntu0.12.04.4"
},
{
"trust": 0.1,
"url": "http://www.hp.com/java"
},
{
"trust": 0.1,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2013-5782"
},
{
"db": "BID",
"id": "63103"
},
{
"db": "PACKETSTORM",
"id": "127267"
},
{
"db": "PACKETSTORM",
"id": "123649"
},
{
"db": "PACKETSTORM",
"id": "123941"
},
{
"db": "PACKETSTORM",
"id": "123647"
},
{
"db": "PACKETSTORM",
"id": "126195"
},
{
"db": "PACKETSTORM",
"id": "123689"
},
{
"db": "PACKETSTORM",
"id": "124143"
},
{
"db": "PACKETSTORM",
"id": "124385"
},
{
"db": "CNNVD",
"id": "CNNVD-201310-362"
},
{
"db": "NVD",
"id": "CVE-2013-5782"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULMON",
"id": "CVE-2013-5782",
"ident": null
},
{
"db": "BID",
"id": "63103",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "127267",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "123649",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "123941",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "123647",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "126195",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "123689",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "124143",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "124385",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201310-362",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2013-5782",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2013-10-16T00:00:00",
"db": "VULMON",
"id": "CVE-2013-5782",
"ident": null
},
{
"date": "2013-10-15T00:00:00",
"db": "BID",
"id": "63103",
"ident": null
},
{
"date": "2014-06-30T23:39:28",
"db": "PACKETSTORM",
"id": "127267",
"ident": null
},
{
"date": "2013-10-17T21:22:25",
"db": "PACKETSTORM",
"id": "123649",
"ident": null
},
{
"date": "2013-11-07T13:33:00",
"db": "PACKETSTORM",
"id": "123941",
"ident": null
},
{
"date": "2013-10-17T20:25:58",
"db": "PACKETSTORM",
"id": "123647",
"ident": null
},
{
"date": "2014-04-17T22:01:36",
"db": "PACKETSTORM",
"id": "126195",
"ident": null
},
{
"date": "2013-10-21T19:09:54",
"db": "PACKETSTORM",
"id": "123689",
"ident": null
},
{
"date": "2013-11-22T02:10:22",
"db": "PACKETSTORM",
"id": "124143",
"ident": null
},
{
"date": "2013-12-11T06:57:28",
"db": "PACKETSTORM",
"id": "124385",
"ident": null
},
{
"date": "2013-10-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201310-362",
"ident": null
},
{
"date": "2013-10-16T15:55:34.490000",
"db": "NVD",
"id": "CVE-2013-5782",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2018-01-05T00:00:00",
"db": "VULMON",
"id": "CVE-2013-5782",
"ident": null
},
{
"date": "2017-08-22T14:12:00",
"db": "BID",
"id": "63103",
"ident": null
},
{
"date": "2022-05-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201310-362",
"ident": null
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2013-5782",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "123689"
},
{
"db": "PACKETSTORM",
"id": "124385"
},
{
"db": "CNNVD",
"id": "CNNVD-201310-362"
}
],
"trust": 0.8
},
"title": {
"_id": null,
"data": "Oracle Java SE/JRockit/Java SE Embedded 2D Component security vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201310-362"
}
],
"trust": 0.6
},
"type": {
"_id": null,
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201310-362"
}
],
"trust": 0.6
}
}
VAR-201506-0464
Vulnerability from variot - Updated: 2026-04-10 22:57Multiple stack-based buffer overflows in the phar_set_inode function in phar_internal.h in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allow remote attackers to execute arbitrary code via a crafted length value in a (1) tar, (2) phar, or (3) ZIP archive. PHP is prone to a buffer-overflow vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will result in denial-of-service conditions. PHP (PHP: Hypertext Preprocessor, PHP: Hypertext Preprocessor) is an open source general-purpose computer scripting language jointly maintained by the PHP Group and the open source community. The language is mainly used for Web development and supports a variety of databases and operating systems. The following versions are affected: PHP prior to 5.4.40, 5.5.x prior to 5.5.24, and 5.6.x prior to 5.6.8. ========================================================================== Ubuntu Security Notice USN-2572-1 April 20, 2015
php5 vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.10
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS
Summary:
Several security issues were fixed in PHP. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 14.10. (CVE-2015-2348)
It was discovered that PHP incorrectly handled unserializing PHAR files. (CVE-2015-2787)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.10: libapache2-mod-php5 5.5.12+dfsg-2ubuntu4.4 php5-cgi 5.5.12+dfsg-2ubuntu4.4 php5-cli 5.5.12+dfsg-2ubuntu4.4 php5-fpm 5.5.12+dfsg-2ubuntu4.4
Ubuntu 14.04 LTS: libapache2-mod-php5 5.5.9+dfsg-1ubuntu4.9 php5-cgi 5.5.9+dfsg-1ubuntu4.9 php5-cli 5.5.9+dfsg-1ubuntu4.9 php5-fpm 5.5.9+dfsg-1ubuntu4.9
Ubuntu 12.04 LTS: libapache2-mod-php5 5.3.10-1ubuntu3.18 php5-cgi 5.3.10-1ubuntu3.18 php5-cli 5.3.10-1ubuntu3.18 php5-fpm 5.3.10-1ubuntu3.18
Ubuntu 10.04 LTS: libapache2-mod-php5 5.3.2-1ubuntu4.30 php5-cgi 5.3.2-1ubuntu4.30 php5-cli 5.3.2-1ubuntu4.30
In general, a standard system update will make all the necessary changes. 6) - i386, x86_64
- (CVE-2014-9709)
A double free flaw was found in zend_ts_hash_graceful_destroy() function in the PHP ZTS module. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: php security and bug fix update Advisory ID: RHSA-2015:1135-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-1135.html Issue date: 2015-06-23 CVE Names: CVE-2014-8142 CVE-2014-9652 CVE-2014-9705 CVE-2014-9709 CVE-2015-0231 CVE-2015-0232 CVE-2015-0273 CVE-2015-2301 CVE-2015-2348 CVE-2015-2783 CVE-2015-2787 CVE-2015-3307 CVE-2015-3329 CVE-2015-3330 CVE-2015-3411 CVE-2015-3412 CVE-2015-4021 CVE-2015-4022 CVE-2015-4024 CVE-2015-4025 CVE-2015-4026 CVE-2015-4147 CVE-2015-4148 CVE-2015-4598 CVE-2015-4599 CVE-2015-4600 CVE-2015-4601 CVE-2015-4602 CVE-2015-4603 CVE-2015-4604 CVE-2015-4605 =====================================================================
- Summary:
Updated php packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
- Description:
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.
A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interpreter, causing it to crash or, possibly, execute arbitrary code. (CVE-2015-3330)
A flaw was found in the way PHP parsed multipart HTTP POST requests. A specially crafted request could cause PHP to use an excessive amount of CPU time. (CVE-2015-4024)
An uninitialized pointer use flaw was found in PHP's Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_read_data() function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application. (CVE-2015-0232)
An integer overflow flaw leading to a heap-based buffer overflow was found in the way PHP's FTP extension parsed file listing FTP server responses. A malicious FTP server could use this flaw to cause a PHP application to crash or, possibly, execute arbitrary code. (CVE-2015-4022)
Multiple flaws were discovered in the way PHP performed object unserialization. (CVE-2014-8142, CVE-2015-0231, CVE-2015-0273, CVE-2015-2787, CVE-2015-4147, CVE-2015-4148, CVE-2015-4599, CVE-2015-4600, CVE-2015-4601, CVE-2015-4602, CVE-2015-4603)
It was found that certain PHP functions did not properly handle file names containing a NULL character. A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions. (CVE-2015-2348, CVE-2015-4025, CVE-2015-4026, CVE-2015-3411, CVE-2015-3412, CVE-2015-4598)
Multiple flaws were found in the way the way PHP's Phar extension parsed Phar archives. (CVE-2015-2301, CVE-2015-2783, CVE-2015-3307, CVE-2015-3329, CVE-2015-4021)
Multiple flaws were found in PHP's File Information (fileinfo) extension. A remote attacker could cause a PHP application to crash if it used fileinfo to identify type of attacker supplied files. (CVE-2014-9652, CVE-2015-4604, CVE-2015-4605)
A heap buffer overflow flaw was found in the enchant_broker_request_dict() function of PHP's enchant extension. An attacker able to make a PHP application enchant dictionaries could possibly cause it to crash. (CVE-2014-9705)
A buffer over-read flaw was found in the GD library used by the PHP gd extension. A specially crafted GIF file could cause a PHP application using the imagecreatefromgif() function to crash. (CVE-2014-9709)
This update also fixes the following bugs:
-
The libgmp library in some cases terminated unexpectedly with a segmentation fault when being used with other libraries that use the GMP memory management. With this update, PHP no longer changes libgmp memory allocators, which prevents the described crash from occurring. (BZ#1212305)
-
When using the Open Database Connectivity (ODBC) API, the PHP process in some cases terminated unexpectedly with a segmentation fault. The underlying code has been adjusted to prevent this crash. (BZ#1212299)
-
Previously, running PHP on a big-endian system sometimes led to memory corruption in the fileinfo module. This update adjusts the behavior of the PHP pointer so that it can be freed without causing memory corruption. (BZ#1212298)
All php users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1175718 - CVE-2014-8142 php: use after free vulnerability in unserialize() 1185397 - CVE-2015-0231 php: use after free vulnerability in unserialize() (incomplete fix of CVE-2014-8142) 1185472 - CVE-2015-0232 php: Free called on unitialized pointer in exif.c 1188599 - CVE-2014-9652 file: out of bounds read in mconvert() 1188639 - CVE-2014-9709 gd: buffer read overflow in gd_gif_in.c 1194730 - CVE-2015-0273 php: use after free vulnerability in unserialize() with DateTimeZone 1194737 - CVE-2014-9705 php: heap buffer overflow in enchant_broker_request_dict() 1194747 - CVE-2015-2301 php: use after free in phar_object.c 1204868 - CVE-2015-4147 php: SoapClient's __call() type confusion through unserialize() 1207676 - CVE-2015-2787 php: use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re 1207682 - CVE-2015-2348 php: move_uploaded_file() NUL byte injection in file name 1213394 - CVE-2015-3330 php: pipelined request executed in deinitialized interpreter under httpd 2.4 1213407 - CVE-2015-3411 php: missing null byte checks for paths in various PHP extensions 1213442 - CVE-2015-4604 CVE-2015-4605 php: denial of service when processing a crafted file with Fileinfo 1213446 - CVE-2015-2783 php: buffer over-read in Phar metadata parsing 1213449 - CVE-2015-3329 php: buffer overflow in phar_set_inode() 1222485 - CVE-2015-4024 php: multipart/form-data request paring CPU usage DoS 1222538 - CVE-2015-4599 CVE-2015-4600 CVE-2015-4601 php: type confusion issue in unserialize() with various SOAP methods 1223408 - CVE-2015-4025 php: CVE-2006-7243 regressions in 5.4+ 1223412 - CVE-2015-4022 php: integer overflow leading to heap overflow when reading FTP file listing 1223422 - CVE-2015-4026 php: pcntl_exec() accepts paths with NUL character 1223425 - CVE-2015-4021 php: memory corruption in phar_parse_tarfile caused by empty entry file name 1223441 - CVE-2015-3307 php: invalid pointer free() in phar_tar_process_metadata() 1226916 - CVE-2015-4148 php: SoapClient's do_soap_call() type confusion after unserialize() 1232823 - CVE-2015-3412 php: missing null byte checks for paths in various PHP extensions 1232897 - CVE-2015-4598 php: missing null byte checks for paths in DOM and GD extensions 1232918 - CVE-2015-4603 php: exception::getTraceAsString type confusion issue after unserialize 1232923 - CVE-2015-4602 php: Incomplete Class unserialization type confusion
- Package List:
Red Hat Enterprise Linux Client Optional (v. 7):
Source: php-5.4.16-36.el7_1.src.rpm
x86_64: php-5.4.16-36.el7_1.x86_64.rpm php-bcmath-5.4.16-36.el7_1.x86_64.rpm php-cli-5.4.16-36.el7_1.x86_64.rpm php-common-5.4.16-36.el7_1.x86_64.rpm php-dba-5.4.16-36.el7_1.x86_64.rpm php-debuginfo-5.4.16-36.el7_1.x86_64.rpm php-devel-5.4.16-36.el7_1.x86_64.rpm php-embedded-5.4.16-36.el7_1.x86_64.rpm php-enchant-5.4.16-36.el7_1.x86_64.rpm php-fpm-5.4.16-36.el7_1.x86_64.rpm php-gd-5.4.16-36.el7_1.x86_64.rpm php-intl-5.4.16-36.el7_1.x86_64.rpm php-ldap-5.4.16-36.el7_1.x86_64.rpm php-mbstring-5.4.16-36.el7_1.x86_64.rpm php-mysql-5.4.16-36.el7_1.x86_64.rpm php-mysqlnd-5.4.16-36.el7_1.x86_64.rpm php-odbc-5.4.16-36.el7_1.x86_64.rpm php-pdo-5.4.16-36.el7_1.x86_64.rpm php-pgsql-5.4.16-36.el7_1.x86_64.rpm php-process-5.4.16-36.el7_1.x86_64.rpm php-pspell-5.4.16-36.el7_1.x86_64.rpm php-recode-5.4.16-36.el7_1.x86_64.rpm php-snmp-5.4.16-36.el7_1.x86_64.rpm php-soap-5.4.16-36.el7_1.x86_64.rpm php-xml-5.4.16-36.el7_1.x86_64.rpm php-xmlrpc-5.4.16-36.el7_1.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
Source: php-5.4.16-36.el7_1.src.rpm
x86_64: php-5.4.16-36.el7_1.x86_64.rpm php-bcmath-5.4.16-36.el7_1.x86_64.rpm php-cli-5.4.16-36.el7_1.x86_64.rpm php-common-5.4.16-36.el7_1.x86_64.rpm php-dba-5.4.16-36.el7_1.x86_64.rpm php-debuginfo-5.4.16-36.el7_1.x86_64.rpm php-devel-5.4.16-36.el7_1.x86_64.rpm php-embedded-5.4.16-36.el7_1.x86_64.rpm php-enchant-5.4.16-36.el7_1.x86_64.rpm php-fpm-5.4.16-36.el7_1.x86_64.rpm php-gd-5.4.16-36.el7_1.x86_64.rpm php-intl-5.4.16-36.el7_1.x86_64.rpm php-ldap-5.4.16-36.el7_1.x86_64.rpm php-mbstring-5.4.16-36.el7_1.x86_64.rpm php-mysql-5.4.16-36.el7_1.x86_64.rpm php-mysqlnd-5.4.16-36.el7_1.x86_64.rpm php-odbc-5.4.16-36.el7_1.x86_64.rpm php-pdo-5.4.16-36.el7_1.x86_64.rpm php-pgsql-5.4.16-36.el7_1.x86_64.rpm php-process-5.4.16-36.el7_1.x86_64.rpm php-pspell-5.4.16-36.el7_1.x86_64.rpm php-recode-5.4.16-36.el7_1.x86_64.rpm php-snmp-5.4.16-36.el7_1.x86_64.rpm php-soap-5.4.16-36.el7_1.x86_64.rpm php-xml-5.4.16-36.el7_1.x86_64.rpm php-xmlrpc-5.4.16-36.el7_1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: php-5.4.16-36.el7_1.src.rpm
ppc64: php-5.4.16-36.el7_1.ppc64.rpm php-cli-5.4.16-36.el7_1.ppc64.rpm php-common-5.4.16-36.el7_1.ppc64.rpm php-debuginfo-5.4.16-36.el7_1.ppc64.rpm php-gd-5.4.16-36.el7_1.ppc64.rpm php-ldap-5.4.16-36.el7_1.ppc64.rpm php-mysql-5.4.16-36.el7_1.ppc64.rpm php-odbc-5.4.16-36.el7_1.ppc64.rpm php-pdo-5.4.16-36.el7_1.ppc64.rpm php-pgsql-5.4.16-36.el7_1.ppc64.rpm php-process-5.4.16-36.el7_1.ppc64.rpm php-recode-5.4.16-36.el7_1.ppc64.rpm php-soap-5.4.16-36.el7_1.ppc64.rpm php-xml-5.4.16-36.el7_1.ppc64.rpm php-xmlrpc-5.4.16-36.el7_1.ppc64.rpm
s390x: php-5.4.16-36.el7_1.s390x.rpm php-cli-5.4.16-36.el7_1.s390x.rpm php-common-5.4.16-36.el7_1.s390x.rpm php-debuginfo-5.4.16-36.el7_1.s390x.rpm php-gd-5.4.16-36.el7_1.s390x.rpm php-ldap-5.4.16-36.el7_1.s390x.rpm php-mysql-5.4.16-36.el7_1.s390x.rpm php-odbc-5.4.16-36.el7_1.s390x.rpm php-pdo-5.4.16-36.el7_1.s390x.rpm php-pgsql-5.4.16-36.el7_1.s390x.rpm php-process-5.4.16-36.el7_1.s390x.rpm php-recode-5.4.16-36.el7_1.s390x.rpm php-soap-5.4.16-36.el7_1.s390x.rpm php-xml-5.4.16-36.el7_1.s390x.rpm php-xmlrpc-5.4.16-36.el7_1.s390x.rpm
x86_64: php-5.4.16-36.el7_1.x86_64.rpm php-cli-5.4.16-36.el7_1.x86_64.rpm php-common-5.4.16-36.el7_1.x86_64.rpm php-debuginfo-5.4.16-36.el7_1.x86_64.rpm php-gd-5.4.16-36.el7_1.x86_64.rpm php-ldap-5.4.16-36.el7_1.x86_64.rpm php-mysql-5.4.16-36.el7_1.x86_64.rpm php-odbc-5.4.16-36.el7_1.x86_64.rpm php-pdo-5.4.16-36.el7_1.x86_64.rpm php-pgsql-5.4.16-36.el7_1.x86_64.rpm php-process-5.4.16-36.el7_1.x86_64.rpm php-recode-5.4.16-36.el7_1.x86_64.rpm php-soap-5.4.16-36.el7_1.x86_64.rpm php-xml-5.4.16-36.el7_1.x86_64.rpm php-xmlrpc-5.4.16-36.el7_1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: php-5.4.16-36.ael7b_1.src.rpm
ppc64le: php-5.4.16-36.ael7b_1.ppc64le.rpm php-cli-5.4.16-36.ael7b_1.ppc64le.rpm php-common-5.4.16-36.ael7b_1.ppc64le.rpm php-debuginfo-5.4.16-36.ael7b_1.ppc64le.rpm php-gd-5.4.16-36.ael7b_1.ppc64le.rpm php-ldap-5.4.16-36.ael7b_1.ppc64le.rpm php-mysql-5.4.16-36.ael7b_1.ppc64le.rpm php-odbc-5.4.16-36.ael7b_1.ppc64le.rpm php-pdo-5.4.16-36.ael7b_1.ppc64le.rpm php-pgsql-5.4.16-36.ael7b_1.ppc64le.rpm php-process-5.4.16-36.ael7b_1.ppc64le.rpm php-recode-5.4.16-36.ael7b_1.ppc64le.rpm php-soap-5.4.16-36.ael7b_1.ppc64le.rpm php-xml-5.4.16-36.ael7b_1.ppc64le.rpm php-xmlrpc-5.4.16-36.ael7b_1.ppc64le.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: php-bcmath-5.4.16-36.el7_1.ppc64.rpm php-dba-5.4.16-36.el7_1.ppc64.rpm php-debuginfo-5.4.16-36.el7_1.ppc64.rpm php-devel-5.4.16-36.el7_1.ppc64.rpm php-embedded-5.4.16-36.el7_1.ppc64.rpm php-enchant-5.4.16-36.el7_1.ppc64.rpm php-fpm-5.4.16-36.el7_1.ppc64.rpm php-intl-5.4.16-36.el7_1.ppc64.rpm php-mbstring-5.4.16-36.el7_1.ppc64.rpm php-mysqlnd-5.4.16-36.el7_1.ppc64.rpm php-pspell-5.4.16-36.el7_1.ppc64.rpm php-snmp-5.4.16-36.el7_1.ppc64.rpm
s390x: php-bcmath-5.4.16-36.el7_1.s390x.rpm php-dba-5.4.16-36.el7_1.s390x.rpm php-debuginfo-5.4.16-36.el7_1.s390x.rpm php-devel-5.4.16-36.el7_1.s390x.rpm php-embedded-5.4.16-36.el7_1.s390x.rpm php-enchant-5.4.16-36.el7_1.s390x.rpm php-fpm-5.4.16-36.el7_1.s390x.rpm php-intl-5.4.16-36.el7_1.s390x.rpm php-mbstring-5.4.16-36.el7_1.s390x.rpm php-mysqlnd-5.4.16-36.el7_1.s390x.rpm php-pspell-5.4.16-36.el7_1.s390x.rpm php-snmp-5.4.16-36.el7_1.s390x.rpm
x86_64: php-bcmath-5.4.16-36.el7_1.x86_64.rpm php-dba-5.4.16-36.el7_1.x86_64.rpm php-debuginfo-5.4.16-36.el7_1.x86_64.rpm php-devel-5.4.16-36.el7_1.x86_64.rpm php-embedded-5.4.16-36.el7_1.x86_64.rpm php-enchant-5.4.16-36.el7_1.x86_64.rpm php-fpm-5.4.16-36.el7_1.x86_64.rpm php-intl-5.4.16-36.el7_1.x86_64.rpm php-mbstring-5.4.16-36.el7_1.x86_64.rpm php-mysqlnd-5.4.16-36.el7_1.x86_64.rpm php-pspell-5.4.16-36.el7_1.x86_64.rpm php-snmp-5.4.16-36.el7_1.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64le: php-bcmath-5.4.16-36.ael7b_1.ppc64le.rpm php-dba-5.4.16-36.ael7b_1.ppc64le.rpm php-debuginfo-5.4.16-36.ael7b_1.ppc64le.rpm php-devel-5.4.16-36.ael7b_1.ppc64le.rpm php-embedded-5.4.16-36.ael7b_1.ppc64le.rpm php-enchant-5.4.16-36.ael7b_1.ppc64le.rpm php-fpm-5.4.16-36.ael7b_1.ppc64le.rpm php-intl-5.4.16-36.ael7b_1.ppc64le.rpm php-mbstring-5.4.16-36.ael7b_1.ppc64le.rpm php-mysqlnd-5.4.16-36.ael7b_1.ppc64le.rpm php-pspell-5.4.16-36.ael7b_1.ppc64le.rpm php-snmp-5.4.16-36.ael7b_1.ppc64le.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: php-5.4.16-36.el7_1.src.rpm
x86_64: php-5.4.16-36.el7_1.x86_64.rpm php-cli-5.4.16-36.el7_1.x86_64.rpm php-common-5.4.16-36.el7_1.x86_64.rpm php-debuginfo-5.4.16-36.el7_1.x86_64.rpm php-gd-5.4.16-36.el7_1.x86_64.rpm php-ldap-5.4.16-36.el7_1.x86_64.rpm php-mysql-5.4.16-36.el7_1.x86_64.rpm php-odbc-5.4.16-36.el7_1.x86_64.rpm php-pdo-5.4.16-36.el7_1.x86_64.rpm php-pgsql-5.4.16-36.el7_1.x86_64.rpm php-process-5.4.16-36.el7_1.x86_64.rpm php-recode-5.4.16-36.el7_1.x86_64.rpm php-soap-5.4.16-36.el7_1.x86_64.rpm php-xml-5.4.16-36.el7_1.x86_64.rpm php-xmlrpc-5.4.16-36.el7_1.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: php-bcmath-5.4.16-36.el7_1.x86_64.rpm php-dba-5.4.16-36.el7_1.x86_64.rpm php-debuginfo-5.4.16-36.el7_1.x86_64.rpm php-devel-5.4.16-36.el7_1.x86_64.rpm php-embedded-5.4.16-36.el7_1.x86_64.rpm php-enchant-5.4.16-36.el7_1.x86_64.rpm php-fpm-5.4.16-36.el7_1.x86_64.rpm php-intl-5.4.16-36.el7_1.x86_64.rpm php-mbstring-5.4.16-36.el7_1.x86_64.rpm php-mysqlnd-5.4.16-36.el7_1.x86_64.rpm php-pspell-5.4.16-36.el7_1.x86_64.rpm php-snmp-5.4.16-36.el7_1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2014-8142 https://access.redhat.com/security/cve/CVE-2014-9652 https://access.redhat.com/security/cve/CVE-2014-9705 https://access.redhat.com/security/cve/CVE-2014-9709 https://access.redhat.com/security/cve/CVE-2015-0231 https://access.redhat.com/security/cve/CVE-2015-0232 https://access.redhat.com/security/cve/CVE-2015-0273 https://access.redhat.com/security/cve/CVE-2015-2301 https://access.redhat.com/security/cve/CVE-2015-2348 https://access.redhat.com/security/cve/CVE-2015-2783 https://access.redhat.com/security/cve/CVE-2015-2787 https://access.redhat.com/security/cve/CVE-2015-3307 https://access.redhat.com/security/cve/CVE-2015-3329 https://access.redhat.com/security/cve/CVE-2015-3330 https://access.redhat.com/security/cve/CVE-2015-3411 https://access.redhat.com/security/cve/CVE-2015-3412 https://access.redhat.com/security/cve/CVE-2015-4021 https://access.redhat.com/security/cve/CVE-2015-4022 https://access.redhat.com/security/cve/CVE-2015-4024 https://access.redhat.com/security/cve/CVE-2015-4025 https://access.redhat.com/security/cve/CVE-2015-4026 https://access.redhat.com/security/cve/CVE-2015-4147 https://access.redhat.com/security/cve/CVE-2015-4148 https://access.redhat.com/security/cve/CVE-2015-4598 https://access.redhat.com/security/cve/CVE-2015-4599 https://access.redhat.com/security/cve/CVE-2015-4600 https://access.redhat.com/security/cve/CVE-2015-4601 https://access.redhat.com/security/cve/CVE-2015-4602 https://access.redhat.com/security/cve/CVE-2015-4603 https://access.redhat.com/security/cve/CVE-2015-4604 https://access.redhat.com/security/cve/CVE-2015-4605 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFViR1aXlSAg2UNWIIRAuxPAJ42GLQVzvzc9kje0VjDv8NZWcPv6QCbBL+O dtqycPWs+07GhjmZ6NNx5Bg= =FREZ -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201606-10
https://security.gentoo.org/
Severity: Normal Title: PHP: Multiple vulnerabilities Date: June 19, 2016 Bugs: #537586, #541098, #544186, #544330, #546872, #549538, #552408, #555576, #555830, #556952, #559612, #562882, #571254, #573892, #577376 ID: 201606-10
Synopsis
Multiple vulnerabilities have been found in PHP, the worst of which could lead to arbitrary code execution, or cause a Denial of Service condition.
Background
PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All PHP 5.4 users should upgrade to the latest 5.5 stable branch, as PHP 5.4 is now masked in Portage:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev=lang/php-5.5.33"
All PHP 5.5 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev=lang/php-5.5.33"
All PHP 5.6 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev=lang/php-5.6.19"
References
[ 1 ] CVE-2013-6501 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6501 [ 2 ] CVE-2014-9705 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9705 [ 3 ] CVE-2014-9709 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9709 [ 4 ] CVE-2015-0231 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0231 [ 5 ] CVE-2015-0273 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0273 [ 6 ] CVE-2015-1351 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1351 [ 7 ] CVE-2015-1352 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1352 [ 8 ] CVE-2015-2301 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2301 [ 9 ] CVE-2015-2348 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2348 [ 10 ] CVE-2015-2783 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2783 [ 11 ] CVE-2015-2787 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2787 [ 12 ] CVE-2015-3329 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3329 [ 13 ] CVE-2015-3330 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3330 [ 14 ] CVE-2015-4021 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4021 [ 15 ] CVE-2015-4022 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4022 [ 16 ] CVE-2015-4025 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4025 [ 17 ] CVE-2015-4026 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4026 [ 18 ] CVE-2015-4147 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4147 [ 19 ] CVE-2015-4148 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4148 [ 20 ] CVE-2015-4642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4642 [ 21 ] CVE-2015-4643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4643 [ 22 ] CVE-2015-4644 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4644 [ 23 ] CVE-2015-6831 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6831 [ 24 ] CVE-2015-6832 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6832 [ 25 ] CVE-2015-6833 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6833 [ 26 ] CVE-2015-6834 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6834 [ 27 ] CVE-2015-6835 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6835 [ 28 ] CVE-2015-6836 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6836 [ 29 ] CVE-2015-6837 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6837 [ 30 ] CVE-2015-6838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6838 [ 31 ] CVE-2015-7803 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7803 [ 32 ] CVE-2015-7804 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7804
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201606-10
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
.
Buffer Overflow when parsing tar/zip/phar in phar_set_inode (CVE-2015-3329).
Potential remote code execution with apache 2.4 apache2handler (CVE-2015-3330).
Additionally the timezonedb packages has been upgraded to the latest version and the PECL packages which requires so has been rebuilt for php-5.5.24.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2783 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3329 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3330 http://advisories.mageia.org/MGASA-2015-0169.html
Updated Packages:
Mandriva Business Server 1/X86_64: fb5b4628263a821fb3e4075a5fb4e5b4 mbs1/x86_64/apache-mod_php-5.5.24-1.mbs1.x86_64.rpm 3c7f76ada5ccad65c212ee350fdffe87 mbs1/x86_64/lib64php5_common5-5.5.24-1.mbs1.x86_64.rpm 5400e21c3eaecc346e1eb8c712e9478f mbs1/x86_64/php-apc-3.1.15-1.18.mbs1.x86_64.rpm 90ae23234441a8de169207ff7f045684 mbs1/x86_64/php-apc-admin-3.1.15-1.18.mbs1.x86_64.rpm a39b53bcacc941035d830ce1052540b3 mbs1/x86_64/php-bcmath-5.5.24-1.mbs1.x86_64.rpm ada97c19882cf313e4d7ebba0909f6d8 mbs1/x86_64/php-bz2-5.5.24-1.mbs1.x86_64.rpm c6e5c880827c6bc76dfb1c15460637b4 mbs1/x86_64/php-calendar-5.5.24-1.mbs1.x86_64.rpm 6535a7223184cec5ac17edb9e1d31388 mbs1/x86_64/php-cgi-5.5.24-1.mbs1.x86_64.rpm 16aa52d7dd47cc27cb5d7aec420944eb mbs1/x86_64/php-cli-5.5.24-1.mbs1.x86_64.rpm 7983f9d1bf3039b5efdb0ed70329cccd mbs1/x86_64/php-ctype-5.5.24-1.mbs1.x86_64.rpm 3cbc805a1610b54d191e2e3ca99c3ae4 mbs1/x86_64/php-curl-5.5.24-1.mbs1.x86_64.rpm f53dd6f08013c00ae1c95df14671624e mbs1/x86_64/php-dba-5.5.24-1.mbs1.x86_64.rpm e2a5d632a8581e27a366191c9fd86424 mbs1/x86_64/php-devel-5.5.24-1.mbs1.x86_64.rpm 37bb13541a04b935c93600dc63e98047 mbs1/x86_64/php-doc-5.5.24-1.mbs1.noarch.rpm fad46645f9afb86eedf094cbe82eaebe mbs1/x86_64/php-dom-5.5.24-1.mbs1.x86_64.rpm 22141396e7bccb2aac8a2e7c0d0f02aa mbs1/x86_64/php-enchant-5.5.24-1.mbs1.x86_64.rpm e3f7bc72aad9e3fb7b9f25f64d9ca95c mbs1/x86_64/php-exif-5.5.24-1.mbs1.x86_64.rpm 53a76b203f90a9008eb35cdf93aac246 mbs1/x86_64/php-fileinfo-5.5.24-1.mbs1.x86_64.rpm 7cb8c9592f48413f3783f49947563a8f mbs1/x86_64/php-filter-5.5.24-1.mbs1.x86_64.rpm 3d34478d09bbf6848c8c2eaea0156feb mbs1/x86_64/php-fpm-5.5.24-1.mbs1.x86_64.rpm fc47e9e9b740e94e5210854b7872af8f mbs1/x86_64/php-ftp-5.5.24-1.mbs1.x86_64.rpm e22e5cf59f7d0c361b41e220fd0ebbde mbs1/x86_64/php-gd-5.5.24-1.mbs1.x86_64.rpm cd5fef5777b58e0562ddeb3ca4b4e1dd mbs1/x86_64/php-gettext-5.5.24-1.mbs1.x86_64.rpm aba136588f2c77f2cca4bcc300e7f0b5 mbs1/x86_64/php-gmp-5.5.24-1.mbs1.x86_64.rpm 8752b1e4f863b2cdadf08cfdcaf462f7 mbs1/x86_64/php-hash-5.5.24-1.mbs1.x86_64.rpm 36bef8c7e03cdffd66a4553266e1a13d mbs1/x86_64/php-iconv-5.5.24-1.mbs1.x86_64.rpm 0b405f5f49d174745a4135e033fbe234 mbs1/x86_64/php-imap-5.5.24-1.mbs1.x86_64.rpm fc25a10fb623016b5e95595aa114274a mbs1/x86_64/php-ini-5.5.24-1.mbs1.x86_64.rpm c4435a44b199cd4fadca0cac247aca06 mbs1/x86_64/php-intl-5.5.24-1.mbs1.x86_64.rpm ec611fd14d6b502990fe0a3ab243211a mbs1/x86_64/php-json-5.5.24-1.mbs1.x86_64.rpm 519c8ae2df9aeca23d15953470c3a485 mbs1/x86_64/php-ldap-5.5.24-1.mbs1.x86_64.rpm f52168266f3d1df5a333f2acb83c7739 mbs1/x86_64/php-mbstring-5.5.24-1.mbs1.x86_64.rpm 8fed199f0b2be5b2d1780bed11c5c5d6 mbs1/x86_64/php-mcrypt-5.5.24-1.mbs1.x86_64.rpm e5d5276bcfaa7d951b4b543e76949a2f mbs1/x86_64/php-mssql-5.5.24-1.mbs1.x86_64.rpm 0a34a8334cd8a3e4d7867a962df62f15 mbs1/x86_64/php-mysql-5.5.24-1.mbs1.x86_64.rpm 3fd0dcc4cb8c4ef136c68e243788aa85 mbs1/x86_64/php-mysqli-5.5.24-1.mbs1.x86_64.rpm d9db3dd5963888f69b11cdaa1d1c97e4 mbs1/x86_64/php-mysqlnd-5.5.24-1.mbs1.x86_64.rpm f27cbd0c9f968bfa7d6f10d8040a1f4f mbs1/x86_64/php-odbc-5.5.24-1.mbs1.x86_64.rpm db18ba83bd3e8f82f189c4e93799de9a mbs1/x86_64/php-opcache-5.5.24-1.mbs1.x86_64.rpm 7e02eaad2751f993fcd7af5a649b4707 mbs1/x86_64/php-openssl-5.5.24-1.mbs1.x86_64.rpm be43bdb8b4c0ea65901bb7ab4a12e1be mbs1/x86_64/php-pcntl-5.5.24-1.mbs1.x86_64.rpm 57ba222e0921de0efcad052a1ed359cc mbs1/x86_64/php-pdo-5.5.24-1.mbs1.x86_64.rpm 3ba50d22dead03f756136363e1e2ce27 mbs1/x86_64/php-pdo_dblib-5.5.24-1.mbs1.x86_64.rpm fe6858486fc7a42f7099f103fec8e0c9 mbs1/x86_64/php-pdo_mysql-5.5.24-1.mbs1.x86_64.rpm 407570e83b281be3515970aa6e24a773 mbs1/x86_64/php-pdo_odbc-5.5.24-1.mbs1.x86_64.rpm e5c66883133694a146b0f4840749a7d7 mbs1/x86_64/php-pdo_pgsql-5.5.24-1.mbs1.x86_64.rpm d41508abccb63d3b0c0d44a82596f1d6 mbs1/x86_64/php-pdo_sqlite-5.5.24-1.mbs1.x86_64.rpm 3f7dd514cca5b5259854043194099c4c mbs1/x86_64/php-pgsql-5.5.24-1.mbs1.x86_64.rpm 1b6b8a0d2e033b35697757a49329d51e mbs1/x86_64/php-phar-5.5.24-1.mbs1.x86_64.rpm 30e86f3079cd49241d680f46542b16b8 mbs1/x86_64/php-posix-5.5.24-1.mbs1.x86_64.rpm b065951f2e32008908857708ae2f1539 mbs1/x86_64/php-readline-5.5.24-1.mbs1.x86_64.rpm 13886e31952529313c505acbc7ebbbc6 mbs1/x86_64/php-recode-5.5.24-1.mbs1.x86_64.rpm 95ca2a29237d6f3e6f852431626be072 mbs1/x86_64/php-session-5.5.24-1.mbs1.x86_64.rpm f5f33541bc2a3b3f0b456989e20aa45c mbs1/x86_64/php-shmop-5.5.24-1.mbs1.x86_64.rpm c5414a148aa0e25b03b9faf79c50693a mbs1/x86_64/php-snmp-5.5.24-1.mbs1.x86_64.rpm d02afd660db7544b09328445c2f99ec6 mbs1/x86_64/php-soap-5.5.24-1.mbs1.x86_64.rpm 239a1c675cf3a4f853cc94cfc188e60e mbs1/x86_64/php-sockets-5.5.24-1.mbs1.x86_64.rpm 04e689ed1f9163a149f3448cfe4bd218 mbs1/x86_64/php-sqlite3-5.5.24-1.mbs1.x86_64.rpm a39905d2eae282b1d06db94afbf51255 mbs1/x86_64/php-sybase_ct-5.5.24-1.mbs1.x86_64.rpm a7fd332d4fea37c9f3335a0d8921f228 mbs1/x86_64/php-sysvmsg-5.5.24-1.mbs1.x86_64.rpm b9fdd882caee7f469d3c285082e8f717 mbs1/x86_64/php-sysvsem-5.5.24-1.mbs1.x86_64.rpm 79ede61a89fae9e6fab33f1a99b3ded7 mbs1/x86_64/php-sysvshm-5.5.24-1.mbs1.x86_64.rpm 5f0b1072e400ccc886979e7647c160f2 mbs1/x86_64/php-tidy-5.5.24-1.mbs1.x86_64.rpm 1df6d933d3f5c14bb334b8e49df50901 mbs1/x86_64/php-timezonedb-2015.4-1.mbs1.x86_64.rpm e03d364e8d94dc5e509f89ad06b1ceec mbs1/x86_64/php-tokenizer-5.5.24-1.mbs1.x86_64.rpm 4eb33980b578bc3f7c8436993e401a6b mbs1/x86_64/php-wddx-5.5.24-1.mbs1.x86_64.rpm cfb0b798a98736cebe6d2854610e5c88 mbs1/x86_64/php-xml-5.5.24-1.mbs1.x86_64.rpm 2d05b6ecae1866827a732b19bdea2682 mbs1/x86_64/php-xmlreader-5.5.24-1.mbs1.x86_64.rpm bab20d281d211f8202d881723f0091f1 mbs1/x86_64/php-xmlrpc-5.5.24-1.mbs1.x86_64.rpm d213f4b86b0532049556a37958d12570 mbs1/x86_64/php-xmlwriter-5.5.24-1.mbs1.x86_64.rpm a43e88b8cb0cf9a46d63f318d63853c7 mbs1/x86_64/php-xsl-5.5.24-1.mbs1.x86_64.rpm 3150b97e91d4363c5b79b6e67cf4febe mbs1/x86_64/php-zip-5.5.24-1.mbs1.x86_64.rpm 962d3621008091b8186481e521296d29 mbs1/x86_64/php-zlib-5.5.24-1.mbs1.x86_64.rpm 52139e1dbd986bf5b685ee0f92e67da2 mbs1/SRPMS/php-5.5.24-1.mbs1.src.rpm 854f5600d70006910d80643b638289d4 mbs1/SRPMS/php-apc-3.1.15-1.18.mbs1.src.rpm 77e0fad280231397615e51f099b33f1c mbs1/SRPMS/php-timezonedb-2015.4-1.mbs1.src.rpm
Mandriva Business Server 2/X86_64: 2a2dcd3f73583e81c1d4ca142814ed6a mbs2/x86_64/apache-mod_php-5.5.24-1.mbs2.x86_64.rpm a7964f16c85b0772835366fa821f7dd1 mbs2/x86_64/lib64php5_common5-5.5.24-1.mbs2.x86_64.rpm 624d6512573e4ccc202f9ea08433727e mbs2/x86_64/php-bcmath-5.5.24-1.mbs2.x86_64.rpm dd817015c54820a9fc967da7db4b1461 mbs2/x86_64/php-bz2-5.5.24-1.mbs2.x86_64.rpm 1c022b50d3f12d3e8e358fca3afe6f0f mbs2/x86_64/php-calendar-5.5.24-1.mbs2.x86_64.rpm 52159b3e747e424b1fe40944f404b45d mbs2/x86_64/php-cgi-5.5.24-1.mbs2.x86_64.rpm 5ac82cf4acc95e8d8a80537173a1dc98 mbs2/x86_64/php-cli-5.5.24-1.mbs2.x86_64.rpm e7271551aa14e6931b0ba22ee33d3712 mbs2/x86_64/php-ctype-5.5.24-1.mbs2.x86_64.rpm 7293fa4917183914c356cc2376a5e1ab mbs2/x86_64/php-curl-5.5.24-1.mbs2.x86_64.rpm 258058f8e1cda5be8a9444964a553691 mbs2/x86_64/php-dba-5.5.24-1.mbs2.x86_64.rpm c0a6fa757e9ffda700f65a93442564d4 mbs2/x86_64/php-devel-5.5.24-1.mbs2.x86_64.rpm c06bc210915a004b2b9fcd084f853e20 mbs2/x86_64/php-doc-5.5.24-1.mbs2.noarch.rpm 049a5952ec9f5af423d4ecc78ff80f60 mbs2/x86_64/php-dom-5.5.24-1.mbs2.x86_64.rpm c09f88b638281bb87aea12ef38455f36 mbs2/x86_64/php-enchant-5.5.24-1.mbs2.x86_64.rpm 54d1dc9b189dfb87de442ba2c765deef mbs2/x86_64/php-exif-5.5.24-1.mbs2.x86_64.rpm ee6d0aa018912da413a14365a41cc1a2 mbs2/x86_64/php-fileinfo-5.5.24-1.mbs2.x86_64.rpm 0f216dc10bb650bdf29c01d9905ca4f2 mbs2/x86_64/php-filter-5.5.24-1.mbs2.x86_64.rpm 4bf7b3c69724d769e10f8341c95d6004 mbs2/x86_64/php-fpm-5.5.24-1.mbs2.x86_64.rpm aeb60443860bbb7e88a0288fb3e2f6cd mbs2/x86_64/php-ftp-5.5.24-1.mbs2.x86_64.rpm 226a551699749179b94570dfa3c50986 mbs2/x86_64/php-gd-5.5.24-1.mbs2.x86_64.rpm 5e29df38df1b862e4ba3b5486cdbcc47 mbs2/x86_64/php-gettext-5.5.24-1.mbs2.x86_64.rpm ead9effbca236c6c2902955935c28225 mbs2/x86_64/php-gmp-5.5.24-1.mbs2.x86_64.rpm c8f01d16bb8cbbd1d891c68c54d2dd16 mbs2/x86_64/php-hash-5.5.24-1.mbs2.x86_64.rpm c1c7332cf8dc2c0d21cb57bf4d7f81dd mbs2/x86_64/php-iconv-5.5.24-1.mbs2.x86_64.rpm 7f86a963f8cf5e6351acd1fdf995b7a1 mbs2/x86_64/php-imap-5.5.24-1.mbs2.x86_64.rpm 215c060793b574a36c28131dca9bf9c7 mbs2/x86_64/php-ini-5.5.24-1.mbs2.x86_64.rpm 7f07f161b4e1885aa807d3753d948e10 mbs2/x86_64/php-interbase-5.5.24-1.mbs2.x86_64.rpm 8171c9830749db254898f80f8ecbdd04 mbs2/x86_64/php-intl-5.5.24-1.mbs2.x86_64.rpm 1fa26b49fa8e0b776d484b4fcc0d4bf3 mbs2/x86_64/php-json-5.5.24-1.mbs2.x86_64.rpm 29051ac44b6e2068a71c026e9d458536 mbs2/x86_64/php-ldap-5.5.24-1.mbs2.x86_64.rpm 3d97347fe4b9589ae80b7fd16c281dcd mbs2/x86_64/php-mbstring-5.5.24-1.mbs2.x86_64.rpm 1a5a41400380b4bcde25d2b693e1dab0 mbs2/x86_64/php-mcrypt-5.5.24-1.mbs2.x86_64.rpm a79635ca99cd7ae80d1661373161da1f mbs2/x86_64/php-mssql-5.5.24-1.mbs2.x86_64.rpm cdc3bde549c9ae73915db8a0e0919ce5 mbs2/x86_64/php-mysql-5.5.24-1.mbs2.x86_64.rpm 7a72c1ab11020a2c52aa3a74636d5342 mbs2/x86_64/php-mysqli-5.5.24-1.mbs2.x86_64.rpm 93fb357f9dbf32887a98a5409b3b8a16 mbs2/x86_64/php-mysqlnd-5.5.24-1.mbs2.x86_64.rpm caf79717e1ca56ec3e53fdaa25e734aa mbs2/x86_64/php-odbc-5.5.24-1.mbs2.x86_64.rpm eb293f64d2bd635c70d36274275e60bb mbs2/x86_64/php-opcache-5.5.24-1.mbs2.x86_64.rpm 91847d268cb8a62eb0e89fc95a9c51e6 mbs2/x86_64/php-openssl-5.5.24-1.mbs2.x86_64.rpm 35e065d8684684e3e304bafbb309c895 mbs2/x86_64/php-pcntl-5.5.24-1.mbs2.x86_64.rpm d65e05e7edf7480ed362783dc75609be mbs2/x86_64/php-pdo-5.5.24-1.mbs2.x86_64.rpm 8657b2e1171497ff9ae5864ecccfeb23 mbs2/x86_64/php-pdo_dblib-5.5.24-1.mbs2.x86_64.rpm 19c9414ced1e0806b77347f9427d6653 mbs2/x86_64/php-pdo_firebird-5.5.24-1.mbs2.x86_64.rpm 28b09335667ac3993f1aca5da234df8a mbs2/x86_64/php-pdo_mysql-5.5.24-1.mbs2.x86_64.rpm b928f58777cfbd848985606bd680bf8f mbs2/x86_64/php-pdo_odbc-5.5.24-1.mbs2.x86_64.rpm ba6bf3afe9d497b9f1d99cb467b13ca5 mbs2/x86_64/php-pdo_pgsql-5.5.24-1.mbs2.x86_64.rpm 21823497094c28ce7bf74f052122fe99 mbs2/x86_64/php-pdo_sqlite-5.5.24-1.mbs2.x86_64.rpm 4a6a259c16ca5bad2b466f29acad4985 mbs2/x86_64/php-pgsql-5.5.24-1.mbs2.x86_64.rpm 7c9c9f9555a74f3257c6e8f16222d21f mbs2/x86_64/php-phar-5.5.24-1.mbs2.x86_64.rpm db4254db501a4fca54fa367b20f068f4 mbs2/x86_64/php-posix-5.5.24-1.mbs2.x86_64.rpm 10fb26df5f5a5d3b1988c40678b56fb6 mbs2/x86_64/php-readline-5.5.24-1.mbs2.x86_64.rpm c20ddec24b84440146734feb639b0f00 mbs2/x86_64/php-recode-5.5.24-1.mbs2.x86_64.rpm 68a49598e99391f37342a3d23a1414e7 mbs2/x86_64/php-session-5.5.24-1.mbs2.x86_64.rpm a26563d738120cba5f81ddda143ca55f mbs2/x86_64/php-shmop-5.5.24-1.mbs2.x86_64.rpm d69120a1ed4aeb3fe229cc83120d8c78 mbs2/x86_64/php-snmp-5.5.24-1.mbs2.x86_64.rpm 4596e3f325f70a29bf12d76793984b20 mbs2/x86_64/php-soap-5.5.24-1.mbs2.x86_64.rpm 7deda5cc9443b117fad82352943353ff mbs2/x86_64/php-sockets-5.5.24-1.mbs2.x86_64.rpm bc3f0ad45bb5bf488c73a5933a70d2c0 mbs2/x86_64/php-sqlite3-5.5.24-1.mbs2.x86_64.rpm 295fa388d26e62dcb0faf23c6e690ffa mbs2/x86_64/php-sybase_ct-5.5.24-1.mbs2.x86_64.rpm 88367608d60aac24ca0b0d0d92187b0e mbs2/x86_64/php-sysvmsg-5.5.24-1.mbs2.x86_64.rpm 36eac7d0e9a1f148e8954912db56dc13 mbs2/x86_64/php-sysvsem-5.5.24-1.mbs2.x86_64.rpm 74e6909f0c7a516bd99625c649bed33c mbs2/x86_64/php-sysvshm-5.5.24-1.mbs2.x86_64.rpm 9142ae8fb4665580503bc0520d3aaf89 mbs2/x86_64/php-tidy-5.5.24-1.mbs2.x86_64.rpm 4ee29061197f48af9c987d31abdec823 mbs2/x86_64/php-timezonedb-2015.4-1.mbs2.x86_64.rpm eafea4beda5144dd3adac0afce3f2258 mbs2/x86_64/php-tokenizer-5.5.24-1.mbs2.x86_64.rpm 505c78284f22f95d8a574c13ea043bc4 mbs2/x86_64/php-wddx-5.5.24-1.mbs2.x86_64.rpm e7e4fe996d11553ebd80ad4392caae2e mbs2/x86_64/php-xml-5.5.24-1.mbs2.x86_64.rpm 7a1c383a450c6a80f95255434e5390fd mbs2/x86_64/php-xmlreader-5.5.24-1.mbs2.x86_64.rpm 2af0b36e46ba236da59a98631c664bd9 mbs2/x86_64/php-xmlrpc-5.5.24-1.mbs2.x86_64.rpm a3f77553286094ecd60e174cfdb0e6dc mbs2/x86_64/php-xmlwriter-5.5.24-1.mbs2.x86_64.rpm b3bb2d250c73f7c355394353b4c0599d mbs2/x86_64/php-xsl-5.5.24-1.mbs2.x86_64.rpm a8f9476cba7a6aaab6eee8da66fd8fea mbs2/x86_64/php-zip-5.5.24-1.mbs2.x86_64.rpm 43d4282dddd18c07b87774cf704ce5be mbs2/x86_64/php-zlib-5.5.24-1.mbs2.x86_64.rpm 8cdfdd3582b44c38d735c58aea9e45f7 mbs2/SRPMS/php-5.5.24-1.mbs2.src.rpm 09afb4a05a8a1add563f2cb348fb2b0d mbs2/SRPMS/php-timezonedb-2015.4-1.mbs2.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
CVE-2015-4024
Denial of service when processing multipart/form-data requests.
For the oldstable distribution (wheezy), these problems have been fixed in version 5.4.41-0+deb7u1.
For the stable distribution (jessie), these problems have been fixed in version 5.6.9+dfsg-0+deb8u1.
For the testing distribution (stretch), these problems have been fixed in version 5.6.9+dfsg-1.
For the unstable distribution (sid), these problems have been fixed in version 5.6.9+dfsg-1.
We recommend that you upgrade your php5 packages
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 1.6,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.5.14"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.5.23"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.5.1"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.5.12"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.5.0"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.5.3"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.5.19"
},
{
"_id": null,
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.1"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.10.4"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.10.0"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.9.5"
},
{
"_id": null,
"model": "mac os x",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "10.6.8"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.5.9"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.5.2"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.5.5"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.6.6"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.5.22"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.10.2"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.6.7"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.5.10"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.5.18"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.5.7"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "11.2"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "7"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.5.11"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.5.8"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.5.13"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.5.6"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.6.0"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.6.4"
},
{
"_id": null,
"model": "enterprise linux hpc node eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.1"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.5.20"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.6.2"
},
{
"_id": null,
"model": "php",
"scope": "lte",
"trust": 1.0,
"vendor": "php",
"version": "5.4.39"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.10.3"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.10.1"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.6.3"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.6.5"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.5.4"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.5.21"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.9.5 (ht205031)"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.8,
"vendor": "the php group",
"version": "5.5.24"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.6.8 thats all 10.11"
},
{
"_id": null,
"model": "php",
"scope": "lt",
"trust": 0.8,
"vendor": "the php group",
"version": "5.6.x"
},
{
"_id": null,
"model": "mac os x",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "(ht205267)"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.8,
"vendor": "the php group",
"version": "5.6.8"
},
{
"_id": null,
"model": "php",
"scope": "lt",
"trust": 0.8,
"vendor": "the php group",
"version": "5.5.x"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.10 to 10.10.4 (ht205031)"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "hat enterprise linux workstation optional",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "hat enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "hat enterprise linux server optional",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "hat enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "hat enterprise linux hpc node optional",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "hat enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "hat enterprise linux desktop optional",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.3"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.2"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.1"
},
{
"_id": null,
"model": "5.5.0-dev",
"scope": null,
"trust": 0.3,
"vendor": "php",
"version": null
},
{
"_id": null,
"model": "5.4.1rc1-dev",
"scope": null,
"trust": 0.3,
"vendor": "php",
"version": null
},
{
"_id": null,
"model": "5.4.0beta2",
"scope": null,
"trust": 0.3,
"vendor": "php",
"version": null
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.4"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.3"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.1"
}
],
"sources": [
{
"db": "BID",
"id": "74240"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-041"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003046"
},
{
"db": "NVD",
"id": "CVE-2015-3329"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:php:php",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003046"
}
]
},
"credits": {
"_id": null,
"data": "emmanuel law",
"sources": [
{
"db": "BID",
"id": "74240"
}
],
"trust": 0.3
},
"cve": "CVE-2015-3329",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2015-3329",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-81290",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-3329",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-3329",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201505-041",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-81290",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2015-3329",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81290"
},
{
"db": "VULMON",
"id": "CVE-2015-3329"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-041"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003046"
},
{
"db": "NVD",
"id": "CVE-2015-3329"
}
]
},
"description": {
"_id": null,
"data": "Multiple stack-based buffer overflows in the phar_set_inode function in phar_internal.h in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allow remote attackers to execute arbitrary code via a crafted length value in a (1) tar, (2) phar, or (3) ZIP archive. PHP is prone to a buffer-overflow vulnerability. \nAttackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will result in denial-of-service conditions. PHP (PHP: Hypertext Preprocessor, PHP: Hypertext Preprocessor) is an open source general-purpose computer scripting language jointly maintained by the PHP Group and the open source community. The language is mainly used for Web development and supports a variety of databases and operating systems. The following versions are affected: PHP prior to 5.4.40, 5.5.x prior to 5.5.24, and 5.6.x prior to 5.6.8. ==========================================================================\nUbuntu Security Notice USN-2572-1\nApril 20, 2015\n\nphp5 vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 14.10\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n- Ubuntu 10.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in PHP. This issue only applied to\nUbuntu 14.04 LTS and Ubuntu 14.10. (CVE-2015-2348)\n\nIt was discovered that PHP incorrectly handled unserializing PHAR files. \n(CVE-2015-2787)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.10:\n libapache2-mod-php5 5.5.12+dfsg-2ubuntu4.4\n php5-cgi 5.5.12+dfsg-2ubuntu4.4\n php5-cli 5.5.12+dfsg-2ubuntu4.4\n php5-fpm 5.5.12+dfsg-2ubuntu4.4\n\nUbuntu 14.04 LTS:\n libapache2-mod-php5 5.5.9+dfsg-1ubuntu4.9\n php5-cgi 5.5.9+dfsg-1ubuntu4.9\n php5-cli 5.5.9+dfsg-1ubuntu4.9\n php5-fpm 5.5.9+dfsg-1ubuntu4.9\n\nUbuntu 12.04 LTS:\n libapache2-mod-php5 5.3.10-1ubuntu3.18\n php5-cgi 5.3.10-1ubuntu3.18\n php5-cli 5.3.10-1ubuntu3.18\n php5-fpm 5.3.10-1ubuntu3.18\n\nUbuntu 10.04 LTS:\n libapache2-mod-php5 5.3.2-1ubuntu4.30\n php5-cgi 5.3.2-1ubuntu4.30\n php5-cli 5.3.2-1ubuntu4.30\n\nIn general, a standard system update will make all the necessary changes. 6) - i386, x86_64\n\n3. (CVE-2014-9709)\n\nA double free flaw was found in zend_ts_hash_graceful_destroy() function in\nthe PHP ZTS module. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: php security and bug fix update\nAdvisory ID: RHSA-2015:1135-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2015-1135.html\nIssue date: 2015-06-23\nCVE Names: CVE-2014-8142 CVE-2014-9652 CVE-2014-9705 \n CVE-2014-9709 CVE-2015-0231 CVE-2015-0232 \n CVE-2015-0273 CVE-2015-2301 CVE-2015-2348 \n CVE-2015-2783 CVE-2015-2787 CVE-2015-3307 \n CVE-2015-3329 CVE-2015-3330 CVE-2015-3411 \n CVE-2015-3412 CVE-2015-4021 CVE-2015-4022 \n CVE-2015-4024 CVE-2015-4025 CVE-2015-4026 \n CVE-2015-4147 CVE-2015-4148 CVE-2015-4598 \n CVE-2015-4599 CVE-2015-4600 CVE-2015-4601 \n CVE-2015-4602 CVE-2015-4603 CVE-2015-4604 \n CVE-2015-4605 \n=====================================================================\n\n1. Summary:\n\nUpdated php packages that fix multiple security issues and several bugs\nare now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having Important security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nPHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Server. \n\nA flaw was found in the way the PHP module for the Apache httpd web server\nhandled pipelined requests. A remote attacker could use this flaw to\ntrigger the execution of a PHP script in a deinitialized interpreter,\ncausing it to crash or, possibly, execute arbitrary code. (CVE-2015-3330)\n\nA flaw was found in the way PHP parsed multipart HTTP POST requests. A\nspecially crafted request could cause PHP to use an excessive amount of CPU\ntime. (CVE-2015-4024)\n\nAn uninitialized pointer use flaw was found in PHP\u0027s Exif extension. A\nspecially crafted JPEG or TIFF file could cause a PHP application using the\nexif_read_data() function to crash or, possibly, execute arbitrary code\nwith the privileges of the user running that PHP application. \n(CVE-2015-0232)\n\nAn integer overflow flaw leading to a heap-based buffer overflow was found\nin the way PHP\u0027s FTP extension parsed file listing FTP server responses. A\nmalicious FTP server could use this flaw to cause a PHP application to\ncrash or, possibly, execute arbitrary code. (CVE-2015-4022)\n\nMultiple flaws were discovered in the way PHP performed object\nunserialization. (CVE-2014-8142, CVE-2015-0231, CVE-2015-0273,\nCVE-2015-2787, CVE-2015-4147, CVE-2015-4148, CVE-2015-4599, CVE-2015-4600,\nCVE-2015-4601, CVE-2015-4602, CVE-2015-4603)\n\nIt was found that certain PHP functions did not properly handle file names\ncontaining a NULL character. A remote attacker could possibly use this flaw\nto make a PHP script access unexpected files and bypass intended file\nsystem access restrictions. (CVE-2015-2348, CVE-2015-4025, CVE-2015-4026,\nCVE-2015-3411, CVE-2015-3412, CVE-2015-4598)\n\nMultiple flaws were found in the way the way PHP\u0027s Phar extension parsed\nPhar archives. (CVE-2015-2301,\nCVE-2015-2783, CVE-2015-3307, CVE-2015-3329, CVE-2015-4021)\n\nMultiple flaws were found in PHP\u0027s File Information (fileinfo) extension. \nA remote attacker could cause a PHP application to crash if it used\nfileinfo to identify type of attacker supplied files. (CVE-2014-9652,\nCVE-2015-4604, CVE-2015-4605)\n\nA heap buffer overflow flaw was found in the enchant_broker_request_dict()\nfunction of PHP\u0027s enchant extension. An attacker able to make a PHP\napplication enchant dictionaries could possibly cause it to crash. \n(CVE-2014-9705)\n\nA buffer over-read flaw was found in the GD library used by the PHP gd\nextension. A specially crafted GIF file could cause a PHP application using\nthe imagecreatefromgif() function to crash. (CVE-2014-9709)\n\nThis update also fixes the following bugs:\n\n* The libgmp library in some cases terminated unexpectedly with a\nsegmentation fault when being used with other libraries that use the GMP\nmemory management. With this update, PHP no longer changes libgmp memory\nallocators, which prevents the described crash from occurring. (BZ#1212305)\n\n* When using the Open Database Connectivity (ODBC) API, the PHP process\nin some cases terminated unexpectedly with a segmentation fault. The\nunderlying code has been adjusted to prevent this crash. (BZ#1212299)\n\n* Previously, running PHP on a big-endian system sometimes led to memory\ncorruption in the fileinfo module. This update adjusts the behavior of\nthe PHP pointer so that it can be freed without causing memory corruption. \n(BZ#1212298)\n\nAll php users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdated packages, the httpd daemon must be restarted for the update to\ntake effect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1175718 - CVE-2014-8142 php: use after free vulnerability in unserialize()\n1185397 - CVE-2015-0231 php: use after free vulnerability in unserialize() (incomplete fix of CVE-2014-8142)\n1185472 - CVE-2015-0232 php: Free called on unitialized pointer in exif.c\n1188599 - CVE-2014-9652 file: out of bounds read in mconvert()\n1188639 - CVE-2014-9709 gd: buffer read overflow in gd_gif_in.c\n1194730 - CVE-2015-0273 php: use after free vulnerability in unserialize() with DateTimeZone\n1194737 - CVE-2014-9705 php: heap buffer overflow in enchant_broker_request_dict()\n1194747 - CVE-2015-2301 php: use after free in phar_object.c\n1204868 - CVE-2015-4147 php: SoapClient\u0027s __call() type confusion through unserialize()\n1207676 - CVE-2015-2787 php: use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re\n1207682 - CVE-2015-2348 php: move_uploaded_file() NUL byte injection in file name\n1213394 - CVE-2015-3330 php: pipelined request executed in deinitialized interpreter under httpd 2.4\n1213407 - CVE-2015-3411 php: missing null byte checks for paths in various PHP extensions\n1213442 - CVE-2015-4604 CVE-2015-4605 php: denial of service when processing a crafted file with Fileinfo\n1213446 - CVE-2015-2783 php: buffer over-read in Phar metadata parsing\n1213449 - CVE-2015-3329 php: buffer overflow in phar_set_inode()\n1222485 - CVE-2015-4024 php: multipart/form-data request paring CPU usage DoS\n1222538 - CVE-2015-4599 CVE-2015-4600 CVE-2015-4601 php: type confusion issue in unserialize() with various SOAP methods\n1223408 - CVE-2015-4025 php: CVE-2006-7243 regressions in 5.4+\n1223412 - CVE-2015-4022 php: integer overflow leading to heap overflow when reading FTP file listing\n1223422 - CVE-2015-4026 php: pcntl_exec() accepts paths with NUL character\n1223425 - CVE-2015-4021 php: memory corruption in phar_parse_tarfile caused by empty entry file name\n1223441 - CVE-2015-3307 php: invalid pointer free() in phar_tar_process_metadata()\n1226916 - CVE-2015-4148 php: SoapClient\u0027s do_soap_call() type confusion after unserialize()\n1232823 - CVE-2015-3412 php: missing null byte checks for paths in various PHP extensions\n1232897 - CVE-2015-4598 php: missing null byte checks for paths in DOM and GD extensions\n1232918 - CVE-2015-4603 php: exception::getTraceAsString type confusion issue after unserialize\n1232923 - CVE-2015-4602 php: Incomplete Class unserialization type confusion\n\n6. Package List:\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nSource:\nphp-5.4.16-36.el7_1.src.rpm\n\nx86_64:\nphp-5.4.16-36.el7_1.x86_64.rpm\nphp-bcmath-5.4.16-36.el7_1.x86_64.rpm\nphp-cli-5.4.16-36.el7_1.x86_64.rpm\nphp-common-5.4.16-36.el7_1.x86_64.rpm\nphp-dba-5.4.16-36.el7_1.x86_64.rpm\nphp-debuginfo-5.4.16-36.el7_1.x86_64.rpm\nphp-devel-5.4.16-36.el7_1.x86_64.rpm\nphp-embedded-5.4.16-36.el7_1.x86_64.rpm\nphp-enchant-5.4.16-36.el7_1.x86_64.rpm\nphp-fpm-5.4.16-36.el7_1.x86_64.rpm\nphp-gd-5.4.16-36.el7_1.x86_64.rpm\nphp-intl-5.4.16-36.el7_1.x86_64.rpm\nphp-ldap-5.4.16-36.el7_1.x86_64.rpm\nphp-mbstring-5.4.16-36.el7_1.x86_64.rpm\nphp-mysql-5.4.16-36.el7_1.x86_64.rpm\nphp-mysqlnd-5.4.16-36.el7_1.x86_64.rpm\nphp-odbc-5.4.16-36.el7_1.x86_64.rpm\nphp-pdo-5.4.16-36.el7_1.x86_64.rpm\nphp-pgsql-5.4.16-36.el7_1.x86_64.rpm\nphp-process-5.4.16-36.el7_1.x86_64.rpm\nphp-pspell-5.4.16-36.el7_1.x86_64.rpm\nphp-recode-5.4.16-36.el7_1.x86_64.rpm\nphp-snmp-5.4.16-36.el7_1.x86_64.rpm\nphp-soap-5.4.16-36.el7_1.x86_64.rpm\nphp-xml-5.4.16-36.el7_1.x86_64.rpm\nphp-xmlrpc-5.4.16-36.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nSource:\nphp-5.4.16-36.el7_1.src.rpm\n\nx86_64:\nphp-5.4.16-36.el7_1.x86_64.rpm\nphp-bcmath-5.4.16-36.el7_1.x86_64.rpm\nphp-cli-5.4.16-36.el7_1.x86_64.rpm\nphp-common-5.4.16-36.el7_1.x86_64.rpm\nphp-dba-5.4.16-36.el7_1.x86_64.rpm\nphp-debuginfo-5.4.16-36.el7_1.x86_64.rpm\nphp-devel-5.4.16-36.el7_1.x86_64.rpm\nphp-embedded-5.4.16-36.el7_1.x86_64.rpm\nphp-enchant-5.4.16-36.el7_1.x86_64.rpm\nphp-fpm-5.4.16-36.el7_1.x86_64.rpm\nphp-gd-5.4.16-36.el7_1.x86_64.rpm\nphp-intl-5.4.16-36.el7_1.x86_64.rpm\nphp-ldap-5.4.16-36.el7_1.x86_64.rpm\nphp-mbstring-5.4.16-36.el7_1.x86_64.rpm\nphp-mysql-5.4.16-36.el7_1.x86_64.rpm\nphp-mysqlnd-5.4.16-36.el7_1.x86_64.rpm\nphp-odbc-5.4.16-36.el7_1.x86_64.rpm\nphp-pdo-5.4.16-36.el7_1.x86_64.rpm\nphp-pgsql-5.4.16-36.el7_1.x86_64.rpm\nphp-process-5.4.16-36.el7_1.x86_64.rpm\nphp-pspell-5.4.16-36.el7_1.x86_64.rpm\nphp-recode-5.4.16-36.el7_1.x86_64.rpm\nphp-snmp-5.4.16-36.el7_1.x86_64.rpm\nphp-soap-5.4.16-36.el7_1.x86_64.rpm\nphp-xml-5.4.16-36.el7_1.x86_64.rpm\nphp-xmlrpc-5.4.16-36.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nphp-5.4.16-36.el7_1.src.rpm\n\nppc64:\nphp-5.4.16-36.el7_1.ppc64.rpm\nphp-cli-5.4.16-36.el7_1.ppc64.rpm\nphp-common-5.4.16-36.el7_1.ppc64.rpm\nphp-debuginfo-5.4.16-36.el7_1.ppc64.rpm\nphp-gd-5.4.16-36.el7_1.ppc64.rpm\nphp-ldap-5.4.16-36.el7_1.ppc64.rpm\nphp-mysql-5.4.16-36.el7_1.ppc64.rpm\nphp-odbc-5.4.16-36.el7_1.ppc64.rpm\nphp-pdo-5.4.16-36.el7_1.ppc64.rpm\nphp-pgsql-5.4.16-36.el7_1.ppc64.rpm\nphp-process-5.4.16-36.el7_1.ppc64.rpm\nphp-recode-5.4.16-36.el7_1.ppc64.rpm\nphp-soap-5.4.16-36.el7_1.ppc64.rpm\nphp-xml-5.4.16-36.el7_1.ppc64.rpm\nphp-xmlrpc-5.4.16-36.el7_1.ppc64.rpm\n\ns390x:\nphp-5.4.16-36.el7_1.s390x.rpm\nphp-cli-5.4.16-36.el7_1.s390x.rpm\nphp-common-5.4.16-36.el7_1.s390x.rpm\nphp-debuginfo-5.4.16-36.el7_1.s390x.rpm\nphp-gd-5.4.16-36.el7_1.s390x.rpm\nphp-ldap-5.4.16-36.el7_1.s390x.rpm\nphp-mysql-5.4.16-36.el7_1.s390x.rpm\nphp-odbc-5.4.16-36.el7_1.s390x.rpm\nphp-pdo-5.4.16-36.el7_1.s390x.rpm\nphp-pgsql-5.4.16-36.el7_1.s390x.rpm\nphp-process-5.4.16-36.el7_1.s390x.rpm\nphp-recode-5.4.16-36.el7_1.s390x.rpm\nphp-soap-5.4.16-36.el7_1.s390x.rpm\nphp-xml-5.4.16-36.el7_1.s390x.rpm\nphp-xmlrpc-5.4.16-36.el7_1.s390x.rpm\n\nx86_64:\nphp-5.4.16-36.el7_1.x86_64.rpm\nphp-cli-5.4.16-36.el7_1.x86_64.rpm\nphp-common-5.4.16-36.el7_1.x86_64.rpm\nphp-debuginfo-5.4.16-36.el7_1.x86_64.rpm\nphp-gd-5.4.16-36.el7_1.x86_64.rpm\nphp-ldap-5.4.16-36.el7_1.x86_64.rpm\nphp-mysql-5.4.16-36.el7_1.x86_64.rpm\nphp-odbc-5.4.16-36.el7_1.x86_64.rpm\nphp-pdo-5.4.16-36.el7_1.x86_64.rpm\nphp-pgsql-5.4.16-36.el7_1.x86_64.rpm\nphp-process-5.4.16-36.el7_1.x86_64.rpm\nphp-recode-5.4.16-36.el7_1.x86_64.rpm\nphp-soap-5.4.16-36.el7_1.x86_64.rpm\nphp-xml-5.4.16-36.el7_1.x86_64.rpm\nphp-xmlrpc-5.4.16-36.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nphp-5.4.16-36.ael7b_1.src.rpm\n\nppc64le:\nphp-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-cli-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-common-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-debuginfo-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-gd-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-ldap-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-mysql-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-odbc-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-pdo-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-pgsql-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-process-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-recode-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-soap-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-xml-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-xmlrpc-5.4.16-36.ael7b_1.ppc64le.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nphp-bcmath-5.4.16-36.el7_1.ppc64.rpm\nphp-dba-5.4.16-36.el7_1.ppc64.rpm\nphp-debuginfo-5.4.16-36.el7_1.ppc64.rpm\nphp-devel-5.4.16-36.el7_1.ppc64.rpm\nphp-embedded-5.4.16-36.el7_1.ppc64.rpm\nphp-enchant-5.4.16-36.el7_1.ppc64.rpm\nphp-fpm-5.4.16-36.el7_1.ppc64.rpm\nphp-intl-5.4.16-36.el7_1.ppc64.rpm\nphp-mbstring-5.4.16-36.el7_1.ppc64.rpm\nphp-mysqlnd-5.4.16-36.el7_1.ppc64.rpm\nphp-pspell-5.4.16-36.el7_1.ppc64.rpm\nphp-snmp-5.4.16-36.el7_1.ppc64.rpm\n\ns390x:\nphp-bcmath-5.4.16-36.el7_1.s390x.rpm\nphp-dba-5.4.16-36.el7_1.s390x.rpm\nphp-debuginfo-5.4.16-36.el7_1.s390x.rpm\nphp-devel-5.4.16-36.el7_1.s390x.rpm\nphp-embedded-5.4.16-36.el7_1.s390x.rpm\nphp-enchant-5.4.16-36.el7_1.s390x.rpm\nphp-fpm-5.4.16-36.el7_1.s390x.rpm\nphp-intl-5.4.16-36.el7_1.s390x.rpm\nphp-mbstring-5.4.16-36.el7_1.s390x.rpm\nphp-mysqlnd-5.4.16-36.el7_1.s390x.rpm\nphp-pspell-5.4.16-36.el7_1.s390x.rpm\nphp-snmp-5.4.16-36.el7_1.s390x.rpm\n\nx86_64:\nphp-bcmath-5.4.16-36.el7_1.x86_64.rpm\nphp-dba-5.4.16-36.el7_1.x86_64.rpm\nphp-debuginfo-5.4.16-36.el7_1.x86_64.rpm\nphp-devel-5.4.16-36.el7_1.x86_64.rpm\nphp-embedded-5.4.16-36.el7_1.x86_64.rpm\nphp-enchant-5.4.16-36.el7_1.x86_64.rpm\nphp-fpm-5.4.16-36.el7_1.x86_64.rpm\nphp-intl-5.4.16-36.el7_1.x86_64.rpm\nphp-mbstring-5.4.16-36.el7_1.x86_64.rpm\nphp-mysqlnd-5.4.16-36.el7_1.x86_64.rpm\nphp-pspell-5.4.16-36.el7_1.x86_64.rpm\nphp-snmp-5.4.16-36.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64le:\nphp-bcmath-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-dba-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-debuginfo-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-devel-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-embedded-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-enchant-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-fpm-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-intl-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-mbstring-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-mysqlnd-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-pspell-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-snmp-5.4.16-36.ael7b_1.ppc64le.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nphp-5.4.16-36.el7_1.src.rpm\n\nx86_64:\nphp-5.4.16-36.el7_1.x86_64.rpm\nphp-cli-5.4.16-36.el7_1.x86_64.rpm\nphp-common-5.4.16-36.el7_1.x86_64.rpm\nphp-debuginfo-5.4.16-36.el7_1.x86_64.rpm\nphp-gd-5.4.16-36.el7_1.x86_64.rpm\nphp-ldap-5.4.16-36.el7_1.x86_64.rpm\nphp-mysql-5.4.16-36.el7_1.x86_64.rpm\nphp-odbc-5.4.16-36.el7_1.x86_64.rpm\nphp-pdo-5.4.16-36.el7_1.x86_64.rpm\nphp-pgsql-5.4.16-36.el7_1.x86_64.rpm\nphp-process-5.4.16-36.el7_1.x86_64.rpm\nphp-recode-5.4.16-36.el7_1.x86_64.rpm\nphp-soap-5.4.16-36.el7_1.x86_64.rpm\nphp-xml-5.4.16-36.el7_1.x86_64.rpm\nphp-xmlrpc-5.4.16-36.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nphp-bcmath-5.4.16-36.el7_1.x86_64.rpm\nphp-dba-5.4.16-36.el7_1.x86_64.rpm\nphp-debuginfo-5.4.16-36.el7_1.x86_64.rpm\nphp-devel-5.4.16-36.el7_1.x86_64.rpm\nphp-embedded-5.4.16-36.el7_1.x86_64.rpm\nphp-enchant-5.4.16-36.el7_1.x86_64.rpm\nphp-fpm-5.4.16-36.el7_1.x86_64.rpm\nphp-intl-5.4.16-36.el7_1.x86_64.rpm\nphp-mbstring-5.4.16-36.el7_1.x86_64.rpm\nphp-mysqlnd-5.4.16-36.el7_1.x86_64.rpm\nphp-pspell-5.4.16-36.el7_1.x86_64.rpm\nphp-snmp-5.4.16-36.el7_1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2014-8142\nhttps://access.redhat.com/security/cve/CVE-2014-9652\nhttps://access.redhat.com/security/cve/CVE-2014-9705\nhttps://access.redhat.com/security/cve/CVE-2014-9709\nhttps://access.redhat.com/security/cve/CVE-2015-0231\nhttps://access.redhat.com/security/cve/CVE-2015-0232\nhttps://access.redhat.com/security/cve/CVE-2015-0273\nhttps://access.redhat.com/security/cve/CVE-2015-2301\nhttps://access.redhat.com/security/cve/CVE-2015-2348\nhttps://access.redhat.com/security/cve/CVE-2015-2783\nhttps://access.redhat.com/security/cve/CVE-2015-2787\nhttps://access.redhat.com/security/cve/CVE-2015-3307\nhttps://access.redhat.com/security/cve/CVE-2015-3329\nhttps://access.redhat.com/security/cve/CVE-2015-3330\nhttps://access.redhat.com/security/cve/CVE-2015-3411\nhttps://access.redhat.com/security/cve/CVE-2015-3412\nhttps://access.redhat.com/security/cve/CVE-2015-4021\nhttps://access.redhat.com/security/cve/CVE-2015-4022\nhttps://access.redhat.com/security/cve/CVE-2015-4024\nhttps://access.redhat.com/security/cve/CVE-2015-4025\nhttps://access.redhat.com/security/cve/CVE-2015-4026\nhttps://access.redhat.com/security/cve/CVE-2015-4147\nhttps://access.redhat.com/security/cve/CVE-2015-4148\nhttps://access.redhat.com/security/cve/CVE-2015-4598\nhttps://access.redhat.com/security/cve/CVE-2015-4599\nhttps://access.redhat.com/security/cve/CVE-2015-4600\nhttps://access.redhat.com/security/cve/CVE-2015-4601\nhttps://access.redhat.com/security/cve/CVE-2015-4602\nhttps://access.redhat.com/security/cve/CVE-2015-4603\nhttps://access.redhat.com/security/cve/CVE-2015-4604\nhttps://access.redhat.com/security/cve/CVE-2015-4605\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2015 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFViR1aXlSAg2UNWIIRAuxPAJ42GLQVzvzc9kje0VjDv8NZWcPv6QCbBL+O\ndtqycPWs+07GhjmZ6NNx5Bg=\n=FREZ\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201606-10\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: PHP: Multiple vulnerabilities\n Date: June 19, 2016\n Bugs: #537586, #541098, #544186, #544330, #546872, #549538,\n #552408, #555576, #555830, #556952, #559612, #562882,\n #571254, #573892, #577376\n ID: 201606-10\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in PHP, the worst of which\ncould lead to arbitrary code execution, or cause a Denial of Service\ncondition. \n\nBackground\n==========\n\nPHP is a widely-used general-purpose scripting language that is\nespecially suited for Web development and can be embedded into HTML. Please review the\nCVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll PHP 5.4 users should upgrade to the latest 5.5 stable branch, as\nPHP 5.4 is now masked in Portage:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev=lang/php-5.5.33\"\n\nAll PHP 5.5 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev=lang/php-5.5.33\"\n\nAll PHP 5.6 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev=lang/php-5.6.19\"\n\nReferences\n==========\n\n[ 1 ] CVE-2013-6501\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6501\n[ 2 ] CVE-2014-9705\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9705\n[ 3 ] CVE-2014-9709\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9709\n[ 4 ] CVE-2015-0231\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0231\n[ 5 ] CVE-2015-0273\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0273\n[ 6 ] CVE-2015-1351\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1351\n[ 7 ] CVE-2015-1352\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1352\n[ 8 ] CVE-2015-2301\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2301\n[ 9 ] CVE-2015-2348\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2348\n[ 10 ] CVE-2015-2783\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2783\n[ 11 ] CVE-2015-2787\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2787\n[ 12 ] CVE-2015-3329\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3329\n[ 13 ] CVE-2015-3330\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3330\n[ 14 ] CVE-2015-4021\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4021\n[ 15 ] CVE-2015-4022\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4022\n[ 16 ] CVE-2015-4025\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4025\n[ 17 ] CVE-2015-4026\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4026\n[ 18 ] CVE-2015-4147\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4147\n[ 19 ] CVE-2015-4148\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4148\n[ 20 ] CVE-2015-4642\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4642\n[ 21 ] CVE-2015-4643\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4643\n[ 22 ] CVE-2015-4644\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4644\n[ 23 ] CVE-2015-6831\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6831\n[ 24 ] CVE-2015-6832\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6832\n[ 25 ] CVE-2015-6833\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6833\n[ 26 ] CVE-2015-6834\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6834\n[ 27 ] CVE-2015-6835\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6835\n[ 28 ] CVE-2015-6836\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6836\n[ 29 ] CVE-2015-6837\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6837\n[ 30 ] CVE-2015-6838\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6838\n[ 31 ] CVE-2015-7803\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7803\n[ 32 ] CVE-2015-7804\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7804\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201606-10\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n. \n \n Buffer Overflow when parsing tar/zip/phar in phar_set_inode\n (CVE-2015-3329). \n \n Potential remote code execution with apache 2.4 apache2handler\n (CVE-2015-3330). \n \n Additionally the timezonedb packages has been upgraded to the latest\n version and the PECL packages which requires so has been rebuilt\n for php-5.5.24. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2783\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3329\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3330\n http://advisories.mageia.org/MGASA-2015-0169.html\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Business Server 1/X86_64:\n fb5b4628263a821fb3e4075a5fb4e5b4 mbs1/x86_64/apache-mod_php-5.5.24-1.mbs1.x86_64.rpm\n 3c7f76ada5ccad65c212ee350fdffe87 mbs1/x86_64/lib64php5_common5-5.5.24-1.mbs1.x86_64.rpm\n 5400e21c3eaecc346e1eb8c712e9478f mbs1/x86_64/php-apc-3.1.15-1.18.mbs1.x86_64.rpm\n 90ae23234441a8de169207ff7f045684 mbs1/x86_64/php-apc-admin-3.1.15-1.18.mbs1.x86_64.rpm\n a39b53bcacc941035d830ce1052540b3 mbs1/x86_64/php-bcmath-5.5.24-1.mbs1.x86_64.rpm\n ada97c19882cf313e4d7ebba0909f6d8 mbs1/x86_64/php-bz2-5.5.24-1.mbs1.x86_64.rpm\n c6e5c880827c6bc76dfb1c15460637b4 mbs1/x86_64/php-calendar-5.5.24-1.mbs1.x86_64.rpm\n 6535a7223184cec5ac17edb9e1d31388 mbs1/x86_64/php-cgi-5.5.24-1.mbs1.x86_64.rpm\n 16aa52d7dd47cc27cb5d7aec420944eb mbs1/x86_64/php-cli-5.5.24-1.mbs1.x86_64.rpm\n 7983f9d1bf3039b5efdb0ed70329cccd mbs1/x86_64/php-ctype-5.5.24-1.mbs1.x86_64.rpm\n 3cbc805a1610b54d191e2e3ca99c3ae4 mbs1/x86_64/php-curl-5.5.24-1.mbs1.x86_64.rpm\n f53dd6f08013c00ae1c95df14671624e mbs1/x86_64/php-dba-5.5.24-1.mbs1.x86_64.rpm\n e2a5d632a8581e27a366191c9fd86424 mbs1/x86_64/php-devel-5.5.24-1.mbs1.x86_64.rpm\n 37bb13541a04b935c93600dc63e98047 mbs1/x86_64/php-doc-5.5.24-1.mbs1.noarch.rpm\n fad46645f9afb86eedf094cbe82eaebe mbs1/x86_64/php-dom-5.5.24-1.mbs1.x86_64.rpm\n 22141396e7bccb2aac8a2e7c0d0f02aa mbs1/x86_64/php-enchant-5.5.24-1.mbs1.x86_64.rpm\n e3f7bc72aad9e3fb7b9f25f64d9ca95c mbs1/x86_64/php-exif-5.5.24-1.mbs1.x86_64.rpm\n 53a76b203f90a9008eb35cdf93aac246 mbs1/x86_64/php-fileinfo-5.5.24-1.mbs1.x86_64.rpm\n 7cb8c9592f48413f3783f49947563a8f mbs1/x86_64/php-filter-5.5.24-1.mbs1.x86_64.rpm\n 3d34478d09bbf6848c8c2eaea0156feb mbs1/x86_64/php-fpm-5.5.24-1.mbs1.x86_64.rpm\n fc47e9e9b740e94e5210854b7872af8f mbs1/x86_64/php-ftp-5.5.24-1.mbs1.x86_64.rpm\n e22e5cf59f7d0c361b41e220fd0ebbde mbs1/x86_64/php-gd-5.5.24-1.mbs1.x86_64.rpm\n cd5fef5777b58e0562ddeb3ca4b4e1dd mbs1/x86_64/php-gettext-5.5.24-1.mbs1.x86_64.rpm\n aba136588f2c77f2cca4bcc300e7f0b5 mbs1/x86_64/php-gmp-5.5.24-1.mbs1.x86_64.rpm\n 8752b1e4f863b2cdadf08cfdcaf462f7 mbs1/x86_64/php-hash-5.5.24-1.mbs1.x86_64.rpm\n 36bef8c7e03cdffd66a4553266e1a13d mbs1/x86_64/php-iconv-5.5.24-1.mbs1.x86_64.rpm\n 0b405f5f49d174745a4135e033fbe234 mbs1/x86_64/php-imap-5.5.24-1.mbs1.x86_64.rpm\n fc25a10fb623016b5e95595aa114274a mbs1/x86_64/php-ini-5.5.24-1.mbs1.x86_64.rpm\n c4435a44b199cd4fadca0cac247aca06 mbs1/x86_64/php-intl-5.5.24-1.mbs1.x86_64.rpm\n ec611fd14d6b502990fe0a3ab243211a mbs1/x86_64/php-json-5.5.24-1.mbs1.x86_64.rpm\n 519c8ae2df9aeca23d15953470c3a485 mbs1/x86_64/php-ldap-5.5.24-1.mbs1.x86_64.rpm\n f52168266f3d1df5a333f2acb83c7739 mbs1/x86_64/php-mbstring-5.5.24-1.mbs1.x86_64.rpm\n 8fed199f0b2be5b2d1780bed11c5c5d6 mbs1/x86_64/php-mcrypt-5.5.24-1.mbs1.x86_64.rpm\n e5d5276bcfaa7d951b4b543e76949a2f mbs1/x86_64/php-mssql-5.5.24-1.mbs1.x86_64.rpm\n 0a34a8334cd8a3e4d7867a962df62f15 mbs1/x86_64/php-mysql-5.5.24-1.mbs1.x86_64.rpm\n 3fd0dcc4cb8c4ef136c68e243788aa85 mbs1/x86_64/php-mysqli-5.5.24-1.mbs1.x86_64.rpm\n d9db3dd5963888f69b11cdaa1d1c97e4 mbs1/x86_64/php-mysqlnd-5.5.24-1.mbs1.x86_64.rpm\n f27cbd0c9f968bfa7d6f10d8040a1f4f mbs1/x86_64/php-odbc-5.5.24-1.mbs1.x86_64.rpm\n db18ba83bd3e8f82f189c4e93799de9a mbs1/x86_64/php-opcache-5.5.24-1.mbs1.x86_64.rpm\n 7e02eaad2751f993fcd7af5a649b4707 mbs1/x86_64/php-openssl-5.5.24-1.mbs1.x86_64.rpm\n be43bdb8b4c0ea65901bb7ab4a12e1be mbs1/x86_64/php-pcntl-5.5.24-1.mbs1.x86_64.rpm\n 57ba222e0921de0efcad052a1ed359cc mbs1/x86_64/php-pdo-5.5.24-1.mbs1.x86_64.rpm\n 3ba50d22dead03f756136363e1e2ce27 mbs1/x86_64/php-pdo_dblib-5.5.24-1.mbs1.x86_64.rpm\n fe6858486fc7a42f7099f103fec8e0c9 mbs1/x86_64/php-pdo_mysql-5.5.24-1.mbs1.x86_64.rpm\n 407570e83b281be3515970aa6e24a773 mbs1/x86_64/php-pdo_odbc-5.5.24-1.mbs1.x86_64.rpm\n e5c66883133694a146b0f4840749a7d7 mbs1/x86_64/php-pdo_pgsql-5.5.24-1.mbs1.x86_64.rpm\n d41508abccb63d3b0c0d44a82596f1d6 mbs1/x86_64/php-pdo_sqlite-5.5.24-1.mbs1.x86_64.rpm\n 3f7dd514cca5b5259854043194099c4c mbs1/x86_64/php-pgsql-5.5.24-1.mbs1.x86_64.rpm\n 1b6b8a0d2e033b35697757a49329d51e mbs1/x86_64/php-phar-5.5.24-1.mbs1.x86_64.rpm\n 30e86f3079cd49241d680f46542b16b8 mbs1/x86_64/php-posix-5.5.24-1.mbs1.x86_64.rpm\n b065951f2e32008908857708ae2f1539 mbs1/x86_64/php-readline-5.5.24-1.mbs1.x86_64.rpm\n 13886e31952529313c505acbc7ebbbc6 mbs1/x86_64/php-recode-5.5.24-1.mbs1.x86_64.rpm\n 95ca2a29237d6f3e6f852431626be072 mbs1/x86_64/php-session-5.5.24-1.mbs1.x86_64.rpm\n f5f33541bc2a3b3f0b456989e20aa45c mbs1/x86_64/php-shmop-5.5.24-1.mbs1.x86_64.rpm\n c5414a148aa0e25b03b9faf79c50693a mbs1/x86_64/php-snmp-5.5.24-1.mbs1.x86_64.rpm\n d02afd660db7544b09328445c2f99ec6 mbs1/x86_64/php-soap-5.5.24-1.mbs1.x86_64.rpm\n 239a1c675cf3a4f853cc94cfc188e60e mbs1/x86_64/php-sockets-5.5.24-1.mbs1.x86_64.rpm\n 04e689ed1f9163a149f3448cfe4bd218 mbs1/x86_64/php-sqlite3-5.5.24-1.mbs1.x86_64.rpm\n a39905d2eae282b1d06db94afbf51255 mbs1/x86_64/php-sybase_ct-5.5.24-1.mbs1.x86_64.rpm\n a7fd332d4fea37c9f3335a0d8921f228 mbs1/x86_64/php-sysvmsg-5.5.24-1.mbs1.x86_64.rpm\n b9fdd882caee7f469d3c285082e8f717 mbs1/x86_64/php-sysvsem-5.5.24-1.mbs1.x86_64.rpm\n 79ede61a89fae9e6fab33f1a99b3ded7 mbs1/x86_64/php-sysvshm-5.5.24-1.mbs1.x86_64.rpm\n 5f0b1072e400ccc886979e7647c160f2 mbs1/x86_64/php-tidy-5.5.24-1.mbs1.x86_64.rpm\n 1df6d933d3f5c14bb334b8e49df50901 mbs1/x86_64/php-timezonedb-2015.4-1.mbs1.x86_64.rpm\n e03d364e8d94dc5e509f89ad06b1ceec mbs1/x86_64/php-tokenizer-5.5.24-1.mbs1.x86_64.rpm\n 4eb33980b578bc3f7c8436993e401a6b mbs1/x86_64/php-wddx-5.5.24-1.mbs1.x86_64.rpm\n cfb0b798a98736cebe6d2854610e5c88 mbs1/x86_64/php-xml-5.5.24-1.mbs1.x86_64.rpm\n 2d05b6ecae1866827a732b19bdea2682 mbs1/x86_64/php-xmlreader-5.5.24-1.mbs1.x86_64.rpm\n bab20d281d211f8202d881723f0091f1 mbs1/x86_64/php-xmlrpc-5.5.24-1.mbs1.x86_64.rpm\n d213f4b86b0532049556a37958d12570 mbs1/x86_64/php-xmlwriter-5.5.24-1.mbs1.x86_64.rpm\n a43e88b8cb0cf9a46d63f318d63853c7 mbs1/x86_64/php-xsl-5.5.24-1.mbs1.x86_64.rpm\n 3150b97e91d4363c5b79b6e67cf4febe mbs1/x86_64/php-zip-5.5.24-1.mbs1.x86_64.rpm\n 962d3621008091b8186481e521296d29 mbs1/x86_64/php-zlib-5.5.24-1.mbs1.x86_64.rpm \n 52139e1dbd986bf5b685ee0f92e67da2 mbs1/SRPMS/php-5.5.24-1.mbs1.src.rpm\n 854f5600d70006910d80643b638289d4 mbs1/SRPMS/php-apc-3.1.15-1.18.mbs1.src.rpm\n 77e0fad280231397615e51f099b33f1c mbs1/SRPMS/php-timezonedb-2015.4-1.mbs1.src.rpm\n\n Mandriva Business Server 2/X86_64:\n 2a2dcd3f73583e81c1d4ca142814ed6a mbs2/x86_64/apache-mod_php-5.5.24-1.mbs2.x86_64.rpm\n a7964f16c85b0772835366fa821f7dd1 mbs2/x86_64/lib64php5_common5-5.5.24-1.mbs2.x86_64.rpm\n 624d6512573e4ccc202f9ea08433727e mbs2/x86_64/php-bcmath-5.5.24-1.mbs2.x86_64.rpm\n dd817015c54820a9fc967da7db4b1461 mbs2/x86_64/php-bz2-5.5.24-1.mbs2.x86_64.rpm\n 1c022b50d3f12d3e8e358fca3afe6f0f mbs2/x86_64/php-calendar-5.5.24-1.mbs2.x86_64.rpm\n 52159b3e747e424b1fe40944f404b45d mbs2/x86_64/php-cgi-5.5.24-1.mbs2.x86_64.rpm\n 5ac82cf4acc95e8d8a80537173a1dc98 mbs2/x86_64/php-cli-5.5.24-1.mbs2.x86_64.rpm\n e7271551aa14e6931b0ba22ee33d3712 mbs2/x86_64/php-ctype-5.5.24-1.mbs2.x86_64.rpm\n 7293fa4917183914c356cc2376a5e1ab mbs2/x86_64/php-curl-5.5.24-1.mbs2.x86_64.rpm\n 258058f8e1cda5be8a9444964a553691 mbs2/x86_64/php-dba-5.5.24-1.mbs2.x86_64.rpm\n c0a6fa757e9ffda700f65a93442564d4 mbs2/x86_64/php-devel-5.5.24-1.mbs2.x86_64.rpm\n c06bc210915a004b2b9fcd084f853e20 mbs2/x86_64/php-doc-5.5.24-1.mbs2.noarch.rpm\n 049a5952ec9f5af423d4ecc78ff80f60 mbs2/x86_64/php-dom-5.5.24-1.mbs2.x86_64.rpm\n c09f88b638281bb87aea12ef38455f36 mbs2/x86_64/php-enchant-5.5.24-1.mbs2.x86_64.rpm\n 54d1dc9b189dfb87de442ba2c765deef mbs2/x86_64/php-exif-5.5.24-1.mbs2.x86_64.rpm\n ee6d0aa018912da413a14365a41cc1a2 mbs2/x86_64/php-fileinfo-5.5.24-1.mbs2.x86_64.rpm\n 0f216dc10bb650bdf29c01d9905ca4f2 mbs2/x86_64/php-filter-5.5.24-1.mbs2.x86_64.rpm\n 4bf7b3c69724d769e10f8341c95d6004 mbs2/x86_64/php-fpm-5.5.24-1.mbs2.x86_64.rpm\n aeb60443860bbb7e88a0288fb3e2f6cd mbs2/x86_64/php-ftp-5.5.24-1.mbs2.x86_64.rpm\n 226a551699749179b94570dfa3c50986 mbs2/x86_64/php-gd-5.5.24-1.mbs2.x86_64.rpm\n 5e29df38df1b862e4ba3b5486cdbcc47 mbs2/x86_64/php-gettext-5.5.24-1.mbs2.x86_64.rpm\n ead9effbca236c6c2902955935c28225 mbs2/x86_64/php-gmp-5.5.24-1.mbs2.x86_64.rpm\n c8f01d16bb8cbbd1d891c68c54d2dd16 mbs2/x86_64/php-hash-5.5.24-1.mbs2.x86_64.rpm\n c1c7332cf8dc2c0d21cb57bf4d7f81dd mbs2/x86_64/php-iconv-5.5.24-1.mbs2.x86_64.rpm\n 7f86a963f8cf5e6351acd1fdf995b7a1 mbs2/x86_64/php-imap-5.5.24-1.mbs2.x86_64.rpm\n 215c060793b574a36c28131dca9bf9c7 mbs2/x86_64/php-ini-5.5.24-1.mbs2.x86_64.rpm\n 7f07f161b4e1885aa807d3753d948e10 mbs2/x86_64/php-interbase-5.5.24-1.mbs2.x86_64.rpm\n 8171c9830749db254898f80f8ecbdd04 mbs2/x86_64/php-intl-5.5.24-1.mbs2.x86_64.rpm\n 1fa26b49fa8e0b776d484b4fcc0d4bf3 mbs2/x86_64/php-json-5.5.24-1.mbs2.x86_64.rpm\n 29051ac44b6e2068a71c026e9d458536 mbs2/x86_64/php-ldap-5.5.24-1.mbs2.x86_64.rpm\n 3d97347fe4b9589ae80b7fd16c281dcd mbs2/x86_64/php-mbstring-5.5.24-1.mbs2.x86_64.rpm\n 1a5a41400380b4bcde25d2b693e1dab0 mbs2/x86_64/php-mcrypt-5.5.24-1.mbs2.x86_64.rpm\n a79635ca99cd7ae80d1661373161da1f mbs2/x86_64/php-mssql-5.5.24-1.mbs2.x86_64.rpm\n cdc3bde549c9ae73915db8a0e0919ce5 mbs2/x86_64/php-mysql-5.5.24-1.mbs2.x86_64.rpm\n 7a72c1ab11020a2c52aa3a74636d5342 mbs2/x86_64/php-mysqli-5.5.24-1.mbs2.x86_64.rpm\n 93fb357f9dbf32887a98a5409b3b8a16 mbs2/x86_64/php-mysqlnd-5.5.24-1.mbs2.x86_64.rpm\n caf79717e1ca56ec3e53fdaa25e734aa mbs2/x86_64/php-odbc-5.5.24-1.mbs2.x86_64.rpm\n eb293f64d2bd635c70d36274275e60bb mbs2/x86_64/php-opcache-5.5.24-1.mbs2.x86_64.rpm\n 91847d268cb8a62eb0e89fc95a9c51e6 mbs2/x86_64/php-openssl-5.5.24-1.mbs2.x86_64.rpm\n 35e065d8684684e3e304bafbb309c895 mbs2/x86_64/php-pcntl-5.5.24-1.mbs2.x86_64.rpm\n d65e05e7edf7480ed362783dc75609be mbs2/x86_64/php-pdo-5.5.24-1.mbs2.x86_64.rpm\n 8657b2e1171497ff9ae5864ecccfeb23 mbs2/x86_64/php-pdo_dblib-5.5.24-1.mbs2.x86_64.rpm\n 19c9414ced1e0806b77347f9427d6653 mbs2/x86_64/php-pdo_firebird-5.5.24-1.mbs2.x86_64.rpm\n 28b09335667ac3993f1aca5da234df8a mbs2/x86_64/php-pdo_mysql-5.5.24-1.mbs2.x86_64.rpm\n b928f58777cfbd848985606bd680bf8f mbs2/x86_64/php-pdo_odbc-5.5.24-1.mbs2.x86_64.rpm\n ba6bf3afe9d497b9f1d99cb467b13ca5 mbs2/x86_64/php-pdo_pgsql-5.5.24-1.mbs2.x86_64.rpm\n 21823497094c28ce7bf74f052122fe99 mbs2/x86_64/php-pdo_sqlite-5.5.24-1.mbs2.x86_64.rpm\n 4a6a259c16ca5bad2b466f29acad4985 mbs2/x86_64/php-pgsql-5.5.24-1.mbs2.x86_64.rpm\n 7c9c9f9555a74f3257c6e8f16222d21f mbs2/x86_64/php-phar-5.5.24-1.mbs2.x86_64.rpm\n db4254db501a4fca54fa367b20f068f4 mbs2/x86_64/php-posix-5.5.24-1.mbs2.x86_64.rpm\n 10fb26df5f5a5d3b1988c40678b56fb6 mbs2/x86_64/php-readline-5.5.24-1.mbs2.x86_64.rpm\n c20ddec24b84440146734feb639b0f00 mbs2/x86_64/php-recode-5.5.24-1.mbs2.x86_64.rpm\n 68a49598e99391f37342a3d23a1414e7 mbs2/x86_64/php-session-5.5.24-1.mbs2.x86_64.rpm\n a26563d738120cba5f81ddda143ca55f mbs2/x86_64/php-shmop-5.5.24-1.mbs2.x86_64.rpm\n d69120a1ed4aeb3fe229cc83120d8c78 mbs2/x86_64/php-snmp-5.5.24-1.mbs2.x86_64.rpm\n 4596e3f325f70a29bf12d76793984b20 mbs2/x86_64/php-soap-5.5.24-1.mbs2.x86_64.rpm\n 7deda5cc9443b117fad82352943353ff mbs2/x86_64/php-sockets-5.5.24-1.mbs2.x86_64.rpm\n bc3f0ad45bb5bf488c73a5933a70d2c0 mbs2/x86_64/php-sqlite3-5.5.24-1.mbs2.x86_64.rpm\n 295fa388d26e62dcb0faf23c6e690ffa mbs2/x86_64/php-sybase_ct-5.5.24-1.mbs2.x86_64.rpm\n 88367608d60aac24ca0b0d0d92187b0e mbs2/x86_64/php-sysvmsg-5.5.24-1.mbs2.x86_64.rpm\n 36eac7d0e9a1f148e8954912db56dc13 mbs2/x86_64/php-sysvsem-5.5.24-1.mbs2.x86_64.rpm\n 74e6909f0c7a516bd99625c649bed33c mbs2/x86_64/php-sysvshm-5.5.24-1.mbs2.x86_64.rpm\n 9142ae8fb4665580503bc0520d3aaf89 mbs2/x86_64/php-tidy-5.5.24-1.mbs2.x86_64.rpm\n 4ee29061197f48af9c987d31abdec823 mbs2/x86_64/php-timezonedb-2015.4-1.mbs2.x86_64.rpm\n eafea4beda5144dd3adac0afce3f2258 mbs2/x86_64/php-tokenizer-5.5.24-1.mbs2.x86_64.rpm\n 505c78284f22f95d8a574c13ea043bc4 mbs2/x86_64/php-wddx-5.5.24-1.mbs2.x86_64.rpm\n e7e4fe996d11553ebd80ad4392caae2e mbs2/x86_64/php-xml-5.5.24-1.mbs2.x86_64.rpm\n 7a1c383a450c6a80f95255434e5390fd mbs2/x86_64/php-xmlreader-5.5.24-1.mbs2.x86_64.rpm\n 2af0b36e46ba236da59a98631c664bd9 mbs2/x86_64/php-xmlrpc-5.5.24-1.mbs2.x86_64.rpm\n a3f77553286094ecd60e174cfdb0e6dc mbs2/x86_64/php-xmlwriter-5.5.24-1.mbs2.x86_64.rpm\n b3bb2d250c73f7c355394353b4c0599d mbs2/x86_64/php-xsl-5.5.24-1.mbs2.x86_64.rpm\n a8f9476cba7a6aaab6eee8da66fd8fea mbs2/x86_64/php-zip-5.5.24-1.mbs2.x86_64.rpm\n 43d4282dddd18c07b87774cf704ce5be mbs2/x86_64/php-zlib-5.5.24-1.mbs2.x86_64.rpm \n 8cdfdd3582b44c38d735c58aea9e45f7 mbs2/SRPMS/php-5.5.24-1.mbs2.src.rpm\n 09afb4a05a8a1add563f2cb348fb2b0d mbs2/SRPMS/php-timezonedb-2015.4-1.mbs2.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\nCVE-2015-4024\n\n Denial of service when processing multipart/form-data requests. \n\nFor the oldstable distribution (wheezy), these problems have been fixed\nin version 5.4.41-0+deb7u1. \n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 5.6.9+dfsg-0+deb8u1. \n\nFor the testing distribution (stretch), these problems have been fixed\nin version 5.6.9+dfsg-1. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 5.6.9+dfsg-1. \n\nWe recommend that you upgrade your php5 packages",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3329"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003046"
},
{
"db": "BID",
"id": "74240"
},
{
"db": "VULHUB",
"id": "VHN-81290"
},
{
"db": "VULMON",
"id": "CVE-2015-3329"
},
{
"db": "PACKETSTORM",
"id": "131528"
},
{
"db": "PACKETSTORM",
"id": "132618"
},
{
"db": "PACKETSTORM",
"id": "132406"
},
{
"db": "PACKETSTORM",
"id": "137539"
},
{
"db": "PACKETSTORM",
"id": "131640"
},
{
"db": "PACKETSTORM",
"id": "132198"
}
],
"trust": 2.61
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2015-3329",
"trust": 3.5
},
{
"db": "BID",
"id": "74240",
"trust": 2.1
},
{
"db": "SECTRACK",
"id": "1032145",
"trust": 1.8
},
{
"db": "JVN",
"id": "JVNVU97220341",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU94440136",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003046",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201505-041",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-81290",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-3329",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131528",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132618",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132406",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "137539",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131640",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132198",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81290"
},
{
"db": "VULMON",
"id": "CVE-2015-3329"
},
{
"db": "BID",
"id": "74240"
},
{
"db": "PACKETSTORM",
"id": "131528"
},
{
"db": "PACKETSTORM",
"id": "132618"
},
{
"db": "PACKETSTORM",
"id": "132406"
},
{
"db": "PACKETSTORM",
"id": "137539"
},
{
"db": "PACKETSTORM",
"id": "131640"
},
{
"db": "PACKETSTORM",
"id": "132198"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-041"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003046"
},
{
"db": "NVD",
"id": "CVE-2015-3329"
}
]
},
"id": "VAR-201506-0464",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-81290"
}
],
"trust": 0.01
},
"last_update_date": "2026-04-10T22:57:54.364000Z",
"patch": {
"_id": null,
"data": [
{
"title": "APPLE-SA-2015-09-30-3 OS X El Capitan 10.11",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
},
{
"title": "APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"title": "HT205267",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT205267"
},
{
"title": "HT205031",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT205031"
},
{
"title": "HT205267",
"trust": 0.8,
"url": "http://support.apple.com/ja-jp/HT205267"
},
{
"title": "HT205031",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/HT205031"
},
{
"title": "Sec Bug #69441",
"trust": 0.8,
"url": "https://bugs.php.net/bug.php?id=69441"
},
{
"title": "PHP 5 ChangeLog",
"trust": 0.8,
"url": "http://php.net/ChangeLog-5.php"
},
{
"title": "Fix bug #69441 (Buffer Overflow when parsing tar/zip/phar in phar_set_inode)",
"trust": 0.8,
"url": "http://git.php.net/?p=php-src.git;a=commit;h=f59b67ae50064560d7bfcdb0d6a8ab284179053c"
},
{
"title": "Red Hat: CVE-2015-3329",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2015-3329"
},
{
"title": "Ubuntu Security Notice: php5 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2572-1"
},
{
"title": "Amazon Linux AMI: ALAS-2015-510",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2015-510"
},
{
"title": "Amazon Linux AMI: ALAS-2015-511",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2015-511"
},
{
"title": "Amazon Linux AMI: ALAS-2015-509",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2015-509"
},
{
"title": "Debian Security Advisories: DSA-3280-1 php5 -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=46f85ac4e3abfa7a18e115fb47892db6"
},
{
"title": "Apple: OS X El Capitan v10.11",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=e88bab658248444f5dffc23fd95859e7"
},
{
"title": "Apple: OS X Yosemite v10.10.5 and Security Update 2015-006",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=9834d0d73bf28fb80d3390930bafd906"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - January 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=8ad80411af3e936eb2998df70506cc71"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=8b701aba68029ec36b631a8e26157a22"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-3329"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003046"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81290"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003046"
},
{
"db": "NVD",
"id": "CVE-2015-3329"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/74240"
},
{
"trust": 2.4,
"url": "http://www.debian.org/security/2015/dsa-3280"
},
{
"trust": 2.2,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1135.html"
},
{
"trust": 2.1,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/201606-10"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1218.html"
},
{
"trust": 1.9,
"url": "http://www.ubuntu.com/usn/usn-2572-1"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce/2015/aug/msg00001.html"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce/2015/sep/msg00008.html"
},
{
"trust": 1.8,
"url": "http://php.net/changelog-5.php"
},
{
"trust": 1.8,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"trust": 1.8,
"url": "https://bugs.php.net/bug.php?id=69441"
},
{
"trust": 1.8,
"url": "https://support.apple.com/ht205267"
},
{
"trust": 1.8,
"url": "https://support.apple.com/kb/ht205031"
},
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1066.html"
},
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1186.html"
},
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1187.html"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1032145"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00004.html"
},
{
"trust": 1.0,
"url": "http://git.php.net/?p=php-src.git%3ba=commit%3bh=f59b67ae50064560d7bfcdb0d6a8ab284179053c"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3329"
},
{
"trust": 0.8,
"url": "http://git.php.net/?p=php-src.git;a=commit;h=f59b67ae50064560d7bfcdb0d6a8ab284179053c"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu94440136/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu97220341/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3329"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3329"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2783"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3330"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2787"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4021"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4026"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4022"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2015-3329"
},
{
"trust": 0.3,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213449"
},
{
"trust": 0.3,
"url": "http://www.php.net/"
},
{
"trust": 0.3,
"url": "http://prod.lists.apple.com/archives/security-announce/2015/aug/msg00001.html"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2348"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4148"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4147"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9705"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2301"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4024"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9709"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0273"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4025"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4601"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3411"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4600"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-4603"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-4024"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-4021"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-4600"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-4147"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-3307"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-3411"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-4022"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-2783"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3412"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-4602"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3307"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-4148"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4599"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0232"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-4026"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-0232"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-0273"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2014-9705"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-3412"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4598"
},
{
"trust": 0.2,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4602"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-4599"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-2787"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-4598"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-4601"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-2301"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2014-9709"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0231"
},
{
"trust": 0.2,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=39487"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2572-1/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2305"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/php5/5.5.12+dfsg-2ubuntu4.4"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/php5/5.3.2-1ubuntu4.30"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/php5/5.5.9+dfsg-1ubuntu4.9"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/php5/5.3.10-1ubuntu3.18"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-9425"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9425"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8142"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-4604"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-3330"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-4605"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-4025"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-2348"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-8142"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9652"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-9652"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-0231"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-2301"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1352"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-2348"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4022"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6836"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-9709"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4026"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6836"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6831"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0273"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4021"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7804"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4643"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-6501"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6834"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4644"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6835"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4642"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1351"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1352"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6832"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6832"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6831"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6835"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-3330"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4643"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6838"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4642"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-2787"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4148"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-6501"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4147"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-2783"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-3329"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7803"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6837"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1351"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6833"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4025"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4644"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-9705"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6834"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0231"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6833"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3330"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/advisories/"
},
{
"trust": 0.1,
"url": "http://advisories.mageia.org/mgasa-2015-0169.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-2783"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81290"
},
{
"db": "VULMON",
"id": "CVE-2015-3329"
},
{
"db": "BID",
"id": "74240"
},
{
"db": "PACKETSTORM",
"id": "131528"
},
{
"db": "PACKETSTORM",
"id": "132618"
},
{
"db": "PACKETSTORM",
"id": "132406"
},
{
"db": "PACKETSTORM",
"id": "137539"
},
{
"db": "PACKETSTORM",
"id": "131640"
},
{
"db": "PACKETSTORM",
"id": "132198"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-041"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003046"
},
{
"db": "NVD",
"id": "CVE-2015-3329"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULHUB",
"id": "VHN-81290",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2015-3329",
"ident": null
},
{
"db": "BID",
"id": "74240",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "131528",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132618",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132406",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "137539",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "131640",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132198",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201505-041",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003046",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2015-3329",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2015-06-09T00:00:00",
"db": "VULHUB",
"id": "VHN-81290",
"ident": null
},
{
"date": "2015-06-09T00:00:00",
"db": "VULMON",
"id": "CVE-2015-3329",
"ident": null
},
{
"date": "2015-04-20T00:00:00",
"db": "BID",
"id": "74240",
"ident": null
},
{
"date": "2015-04-20T19:22:00",
"db": "PACKETSTORM",
"id": "131528",
"ident": null
},
{
"date": "2015-07-09T23:16:17",
"db": "PACKETSTORM",
"id": "132618",
"ident": null
},
{
"date": "2015-06-23T14:07:16",
"db": "PACKETSTORM",
"id": "132406",
"ident": null
},
{
"date": "2016-06-19T15:55:00",
"db": "PACKETSTORM",
"id": "137539",
"ident": null
},
{
"date": "2015-04-27T16:21:20",
"db": "PACKETSTORM",
"id": "131640",
"ident": null
},
{
"date": "2015-06-10T01:21:58",
"db": "PACKETSTORM",
"id": "132198",
"ident": null
},
{
"date": "2015-04-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-041",
"ident": null
},
{
"date": "2015-06-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003046",
"ident": null
},
{
"date": "2015-06-09T18:59:02.537000",
"db": "NVD",
"id": "CVE-2015-3329",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2019-12-27T00:00:00",
"db": "VULHUB",
"id": "VHN-81290",
"ident": null
},
{
"date": "2019-12-27T00:00:00",
"db": "VULMON",
"id": "CVE-2015-3329",
"ident": null
},
{
"date": "2016-07-05T21:28:00",
"db": "BID",
"id": "74240",
"ident": null
},
{
"date": "2019-12-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-041",
"ident": null
},
{
"date": "2015-10-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003046",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-3329",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "131528"
},
{
"db": "PACKETSTORM",
"id": "132406"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-041"
}
],
"trust": 0.8
},
"title": {
"_id": null,
"data": "PHP of phar_internal.h of phar_set_inode Stack-based buffer overflow vulnerability in functions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003046"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-041"
}
],
"trust": 0.6
}
}
VAR-201505-0417
Vulnerability from variot - Updated: 2026-04-10 22:57The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_COMMAND, or other unspecified commands, aka VENOM. QEMU is prone to a remote memory-corruption vulnerability because the application fails to perform adequate boundary-checks on user-supplied data. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts may result in a denial-of-service condition. Relevant releases/architectures:
Red Hat Enterprise Linux HPC Node EUS (v. 6.5) - i386, x86_64
- After installing this update, shut down all running virtual machines. Relevant releases/architectures:
RHEV Agents (vdsm) - x86_64
-
Gentoo Linux Security Advisory GLSA 201602-01
https://security.gentoo.org/
Severity: Normal Title: QEMU: Multiple vulnerabilities Date: February 04, 2016 Bugs: #544328, #549404, #557206, #558416, #559656, #560422, #560550, #560760, #566792, #567144, #567828, #567868, #568214, #568226, #568246, #569646, #570110, #570988, #571562, #571564, #571566 ID: 201602-01
Synopsis
Multiple vulnerabilities have been found in QEMU, the worst of which may allow a remote attacker to cause a Denial of Service or gain elevated privileges from a guest VM.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-emulation/qemu < 2.5.0-r1 >= 2.5.0-r1
Description
Multiple vulnerabilities have been discovered in QEMU. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All QEMU users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-emulation/qemu-2.5.0-r1"
References
[ 1 ] CVE-2015-1779 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1779 [ 2 ] CVE-2015-3456 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3456 [ 3 ] CVE-2015-5225 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5225 [ 4 ] CVE-2015-5278 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5278 [ 5 ] CVE-2015-5279 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5279 [ 6 ] CVE-2015-5745 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5745 [ 7 ] CVE-2015-6815 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6815 [ 8 ] CVE-2015-6855 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6855 [ 9 ] CVE-2015-7295 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7295 [ 10 ] CVE-2015-7504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7504 [ 11 ] CVE-2015-7512 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7512 [ 12 ] CVE-2015-7549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7549 [ 13 ] CVE-2015-8345 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8345 [ 14 ] CVE-2015-8504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8504 [ 15 ] CVE-2015-8556 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8556 [ 16 ] CVE-2015-8558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8558 [ 17 ] CVE-2015-8567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8567 [ 18 ] CVE-2015-8568 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8568 [ 19 ] CVE-2015-8666 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8666 [ 20 ] CVE-2015-8701 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8701 [ 21 ] CVE-2015-8743 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8743 [ 22 ] CVE-2015-8744 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8744 [ 23 ] CVE-2015-8745 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8745 [ 24 ] CVE-2016-1568 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1568
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201602-01
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 .
Background
VirtualBox is a powerful virtualization product from Oracle. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04706564
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04706564 Version: 1
HPSBMU03349 rev.1- HP Helion CloudSystem, Local Denial of Service (DoS), Arbitrary Code Execution
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2015-06-09 Last Updated: 2015-06-09
Potential Security Impact: Local Denial of Service (DoS), arbitrary code execution
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY A potential security vulnerability has been identified with HP Helion CloudSystem. The vulnerability could be exploited locally resulting in Denial of Service (DoS) or execution of arbitrary code.
Notes:
This is the vulnerability known as "Virtual Environment Neglected Operations Manipulation" also known as "VENOM". This vulnerability exists in the floppy disk controller driver of QEMU, an open-source virtualization technology used to provision guest Virtual Machines. This vulnerability affects all versions of QEMU and could lead to hypervisor breakout, where a user of the guest VM can gain control of the host. HP Helion CloudSystem leverages QEMU as a core part of its virtualization functionality and is therefore affected by this vulnerability.
References:
CVE-2015-3456 (SSRT102076)
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP Helion CloudSystem software:
HP Helion CloudSystem 8.x series
Note: Only HP CloudSystem deployment using KVM on RHEL version 6.4 or 6.5 in the control plane or the data plane are affected by this vulnerability
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2015-3456 (AV:A/AC:L/Au:S/C:C/I:C/A:C) 7.7 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP recommends following remediation steps to resolve the vulnerability in HP Helion CloudSystem.
The following steps are recommended by Red Hat ( https://access.redhat.com/articles/1444903 ) and must be applied for each control plane and data plane node that is using KVM for virtualization:
Login to the node
Upgrade the QEMU package for your system using the command: 'yum update qemu-kvm'. A full system update may be applied using the command 'yum update'. Refer to the HP Helion CloudSystem administrative guide ( http://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docI d=c04376928 ) for instructions on restarting appliances.
HISTORY Version:1 (rev.1) - 9 June 2015 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: kvm security update Advisory ID: RHSA-2015:1003-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-1003.html Issue date: 2015-05-13 CVE Names: CVE-2015-3456 =====================================================================
- Summary:
Updated kvm packages that fix one security issue are now available for Red Hat Enterprise Linux 5.
Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.
- Relevant releases/architectures:
RHEL Desktop Multi OS (v. 5 client) - x86_64 RHEL Virtualization (v. 5 server) - x86_64
- Description:
KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems.
An out-of-bounds memory access flaw was found in the way QEMU's virtual Floppy Disk Controller (FDC) handled FIFO buffer access while processing certain FDC commands. A privileged guest user could use this flaw to crash the guest or, potentially, execute arbitrary code on the host with the privileges of the host's QEMU process corresponding to the guest. (CVE-2015-3456)
Red Hat would like to thank Jason Geffner of CrowdStrike for reporting this issue.
All kvm users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. Note: The procedure in the Solution section must be performed before this update will take effect.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
The following procedure must be performed before this update will take effect:
1) Stop all KVM guest virtual machines.
2) Either reboot the hypervisor machine or, as the root user, remove (using "modprobe -r [module]") and reload (using "modprobe [module]") all of the following modules which are currently running (determined using "lsmod"): kvm, ksm, kvm-intel or kvm-amd.
3) Restart the KVM guest virtual machines.
- Bugs fixed (https://bugzilla.redhat.com/):
1218611 - CVE-2015-3456 qemu: fdc: out-of-bounds fifo buffer memory access
- Package List:
RHEL Desktop Multi OS (v. 5 client):
Source: kvm-83-272.el5_11.src.rpm
x86_64: kmod-kvm-83-272.el5_11.x86_64.rpm kmod-kvm-debug-83-272.el5_11.x86_64.rpm kvm-83-272.el5_11.x86_64.rpm kvm-debuginfo-83-272.el5_11.x86_64.rpm kvm-qemu-img-83-272.el5_11.x86_64.rpm kvm-tools-83-272.el5_11.x86_64.rpm
RHEL Virtualization (v. 5 server):
Source: kvm-83-272.el5_11.src.rpm
x86_64: kmod-kvm-83-272.el5_11.x86_64.rpm kmod-kvm-debug-83-272.el5_11.x86_64.rpm kvm-83-272.el5_11.x86_64.rpm kvm-debuginfo-83-272.el5_11.x86_64.rpm kvm-qemu-img-83-272.el5_11.x86_64.rpm kvm-tools-83-272.el5_11.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2015-3456 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFVU1nfXlSAg2UNWIIRAtvxAKCVxqsaYdrCQN16dcpCIKajKnUzHgCfVy1r 6y8+9uFGI3F4Epc74lb8mrg= =sjA3 -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Berrange discovered a denial of service vulnerability in the VNC web socket decoder.
For the oldstable distribution (wheezy), these problems have been fixed in version 1.1.2+dfsg-6a+deb7u7 of the qemu source package and in version 1.1.2+dfsg-6+deb7u7 of the qemu-kvm source package. Only CVE-2015-3456 affects oldstable.
For the stable distribution (jessie), these problems have been fixed in version 1:2.1+dfsg-12.
For the unstable distribution (sid), these problems will be fixed soon.
We recommend that you upgrade your qemu packages. ============================================================================ Ubuntu Security Notice USN-2608-1 May 13, 2015
qemu, qemu-kvm vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 15.04
- Ubuntu 14.10
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in QEMU.
Software Description: - qemu: Machine emulator and virtualizer - qemu-kvm: Machine emulator and virtualizer
Details:
Jason Geffner discovered that QEMU incorrectly handled the virtual floppy driver. This issue is known as VENOM. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. (CVE-2015-3456)
Daniel P. Berrange discovered that QEMU incorrectly handled VNC websockets. A remote attacker could use this issue to cause QEMU to consume memory, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 14.10 and Ubuntu 15.04. (CVE-2015-1779)
Jan Beulich discovered that QEMU, when used with Xen, didn't properly restrict access to PCI command registers. A malicious guest could use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. (CVE-2015-2756)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 15.04: qemu-system 1:2.2+dfsg-5expubuntu9.1 qemu-system-aarch64 1:2.2+dfsg-5expubuntu9.1 qemu-system-arm 1:2.2+dfsg-5expubuntu9.1 qemu-system-mips 1:2.2+dfsg-5expubuntu9.1 qemu-system-misc 1:2.2+dfsg-5expubuntu9.1 qemu-system-ppc 1:2.2+dfsg-5expubuntu9.1 qemu-system-sparc 1:2.2+dfsg-5expubuntu9.1 qemu-system-x86 1:2.2+dfsg-5expubuntu9.1
Ubuntu 14.10: qemu-system 2.1+dfsg-4ubuntu6.6 qemu-system-aarch64 2.1+dfsg-4ubuntu6.6 qemu-system-arm 2.1+dfsg-4ubuntu6.6 qemu-system-mips 2.1+dfsg-4ubuntu6.6 qemu-system-misc 2.1+dfsg-4ubuntu6.6 qemu-system-ppc 2.1+dfsg-4ubuntu6.6 qemu-system-sparc 2.1+dfsg-4ubuntu6.6 qemu-system-x86 2.1+dfsg-4ubuntu6.6
Ubuntu 14.04 LTS: qemu-system 2.0.0+dfsg-2ubuntu1.11 qemu-system-aarch64 2.0.0+dfsg-2ubuntu1.11 qemu-system-arm 2.0.0+dfsg-2ubuntu1.11 qemu-system-mips 2.0.0+dfsg-2ubuntu1.11 qemu-system-misc 2.0.0+dfsg-2ubuntu1.11 qemu-system-ppc 2.0.0+dfsg-2ubuntu1.11 qemu-system-sparc 2.0.0+dfsg-2ubuntu1.11 qemu-system-x86 2.0.0+dfsg-2ubuntu1.11
Ubuntu 12.04 LTS: qemu-kvm 1.0+noroms-0ubuntu14.22
After a standard system update you need to restart all QEMU virtual machines to make all the necessary changes
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "xen",
"scope": "eq",
"trust": 1.3,
"vendor": "xen",
"version": "4.5.0"
},
{
"_id": null,
"model": "openstack",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "4.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "openstack",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "qemu",
"scope": "lte",
"trust": 1.0,
"vendor": "qemu",
"version": "2.3.0"
},
{
"_id": null,
"model": "openstack",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "enterprise virtualization",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "3.0"
},
{
"_id": null,
"model": "openstack",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "qemu",
"scope": "eq",
"trust": 0.6,
"vendor": "qemu",
"version": "2.3.0"
},
{
"_id": null,
"model": "xen",
"scope": "eq",
"trust": 0.3,
"vendor": "xen",
"version": "4.4.1"
},
{
"_id": null,
"model": "rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "xen",
"version": "4.4.0"
},
{
"_id": null,
"model": "xen",
"scope": "eq",
"trust": 0.3,
"vendor": "xen",
"version": "4.4.0"
},
{
"_id": null,
"model": "xen",
"scope": "eq",
"trust": 0.3,
"vendor": "xen",
"version": "4.3.1"
},
{
"_id": null,
"model": "xen",
"scope": "eq",
"trust": 0.3,
"vendor": "xen",
"version": "4.3.0"
},
{
"_id": null,
"model": "xen",
"scope": "eq",
"trust": 0.3,
"vendor": "xen",
"version": "4.2.3"
},
{
"_id": null,
"model": "xen",
"scope": "eq",
"trust": 0.3,
"vendor": "xen",
"version": "4.2.2"
},
{
"_id": null,
"model": "xen",
"scope": "eq",
"trust": 0.3,
"vendor": "xen",
"version": "4.2.1"
},
{
"_id": null,
"model": "xen",
"scope": "eq",
"trust": 0.3,
"vendor": "xen",
"version": "4.2.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "15.04"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.10"
},
{
"_id": null,
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "linux enterprise software development kit sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "linux enterprise server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "linux enterprise server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "linux enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "linux enterprise server sp4 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "linux enterprise server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "linux enterprise server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "linux enterprise software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "12"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "12"
},
{
"_id": null,
"model": "linux enterprise server sp2 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "linux enterprise server sp1 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "linux enterprise expanded support",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7"
},
{
"_id": null,
"model": "linux enterprise expanded support",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "6"
},
{
"_id": null,
"model": "linux enterprise expanded support",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "5"
},
{
"_id": null,
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "12"
},
{
"_id": null,
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "13.2"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "13.1"
},
{
"_id": null,
"model": "openstack for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6.07"
},
{
"_id": null,
"model": "openstack for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5.07"
},
{
"_id": null,
"model": "openstack for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5.06"
},
{
"_id": null,
"model": "enterprise virtualization",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux virtualization server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "enterprise linux server eus 6.5.z",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6.5"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux desktop multi os client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "qemu",
"scope": "eq",
"trust": 0.3,
"vendor": "qemu",
"version": "0"
},
{
"_id": null,
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.54"
},
{
"_id": null,
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.53"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"_id": null,
"model": "northstar controller application",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2.1.0"
},
{
"_id": null,
"model": "smartdatacenter",
"scope": "eq",
"trust": 0.3,
"vendor": "joyent",
"version": "0"
},
{
"_id": null,
"model": "public cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "joyent",
"version": "0"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.20"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.3.0"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.1.0"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.1"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.0"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.1.0"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.0"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.0"
},
{
"_id": null,
"model": "fusioncompute v100r005c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "fusioncompute v100r005c00spc300",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "fusioncompute v100r005c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "fusioncompute v100r003c10spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "fusioncompute v100r003c10cp6001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "fusioncompute v100r003c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "fusioncompute v100r003c00spc300",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "fusioncompute v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "helion openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1.0"
},
{
"_id": null,
"model": "helion openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.0.0"
},
{
"_id": null,
"model": "helion cloudsystem",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.1"
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "fortisandbox",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "2.0.2"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "xenserver",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "6.0.2"
},
{
"_id": null,
"model": "xenserver",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "6.5"
},
{
"_id": null,
"model": "xenserver",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "6.2"
},
{
"_id": null,
"model": "xenserver",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "6.1"
},
{
"_id": null,
"model": "xenserver",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "6.0"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "7"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "5"
},
{
"_id": null,
"model": "northstar controller application service pack",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "2.1.01"
},
{
"_id": null,
"model": "fusioncompute v100r005c00cp3001",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "fortisandbox",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "2.0.3"
}
],
"sources": [
{
"db": "BID",
"id": "74640"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-207"
},
{
"db": "NVD",
"id": "CVE-2015-3456"
}
]
},
"credits": {
"_id": null,
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "132057"
},
{
"db": "PACKETSTORM",
"id": "131893"
},
{
"db": "PACKETSTORM",
"id": "131894"
},
{
"db": "PACKETSTORM",
"id": "131890"
},
{
"db": "PACKETSTORM",
"id": "131889"
}
],
"trust": 0.5
},
"cve": "CVE-2015-3456",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 5.1,
"id": "CVE-2015-3456",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.1,
"vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-3456",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201505-207",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2015-3456",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-3456"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-207"
},
{
"db": "NVD",
"id": "CVE-2015-3456"
}
]
},
"description": {
"_id": null,
"data": "The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_COMMAND, or other unspecified commands, aka VENOM. QEMU is prone to a remote memory-corruption vulnerability because the application fails to perform adequate boundary-checks on user-supplied data. \nAn attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts may result in a denial-of-service condition. Relevant releases/architectures:\n\nRed Hat Enterprise Linux HPC Node EUS (v. 6.5) - i386, x86_64\n\n3. After installing this\nupdate, shut down all running virtual machines. Relevant releases/architectures:\n\nRHEV Agents (vdsm) - x86_64\n\n3. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201602-01\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: QEMU: Multiple vulnerabilities\n Date: February 04, 2016\n Bugs: #544328, #549404, #557206, #558416, #559656, #560422,\n #560550, #560760, #566792, #567144, #567828, #567868,\n #568214, #568226, #568246, #569646, #570110, #570988,\n #571562, #571564, #571566\n ID: 201602-01\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in QEMU, the worst of which\nmay allow a remote attacker to cause a Denial of Service or gain\nelevated privileges from a guest VM. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-emulation/qemu \u003c 2.5.0-r1 \u003e= 2.5.0-r1\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in QEMU. Please review\nthe CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll QEMU users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-emulation/qemu-2.5.0-r1\"\n\nReferences\n==========\n\n[ 1 ] CVE-2015-1779\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1779\n[ 2 ] CVE-2015-3456\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3456\n[ 3 ] CVE-2015-5225\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5225\n[ 4 ] CVE-2015-5278\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5278\n[ 5 ] CVE-2015-5279\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5279\n[ 6 ] CVE-2015-5745\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5745\n[ 7 ] CVE-2015-6815\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6815\n[ 8 ] CVE-2015-6855\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6855\n[ 9 ] CVE-2015-7295\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7295\n[ 10 ] CVE-2015-7504\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7504\n[ 11 ] CVE-2015-7512\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7512\n[ 12 ] CVE-2015-7549\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7549\n[ 13 ] CVE-2015-8345\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8345\n[ 14 ] CVE-2015-8504\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8504\n[ 15 ] CVE-2015-8556\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8556\n[ 16 ] CVE-2015-8558\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8558\n[ 17 ] CVE-2015-8567\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8567\n[ 18 ] CVE-2015-8568\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8568\n[ 19 ] CVE-2015-8666\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8666\n[ 20 ] CVE-2015-8701\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8701\n[ 21 ] CVE-2015-8743\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8743\n[ 22 ] CVE-2015-8744\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8744\n[ 23 ] CVE-2015-8745\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8745\n[ 24 ] CVE-2016-1568\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1568\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201602-01\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. \n\nBackground\n==========\n\nVirtualBox is a powerful virtualization product from Oracle. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c04706564\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c04706564\nVersion: 1\n\nHPSBMU03349 rev.1- HP Helion CloudSystem, Local Denial of Service (DoS),\nArbitrary Code Execution\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2015-06-09\nLast Updated: 2015-06-09\n\nPotential Security Impact: Local Denial of Service (DoS), arbitrary code\nexecution\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nA potential security vulnerability has been identified with HP Helion\nCloudSystem. The vulnerability could be exploited locally resulting in Denial\nof Service (DoS) or execution of arbitrary code. \n\nNotes:\n\nThis is the vulnerability known as \"Virtual Environment Neglected Operations\nManipulation\" also known as \"VENOM\". \nThis vulnerability exists in the floppy disk controller driver of QEMU, an\nopen-source virtualization technology used to provision guest Virtual\nMachines. \nThis vulnerability affects all versions of QEMU and could lead to hypervisor\nbreakout, where a user of the guest VM can gain control of the host. HP\nHelion CloudSystem leverages QEMU as a core part of its virtualization\nfunctionality and is therefore affected by this vulnerability. \n\nReferences:\n\nCVE-2015-3456 (SSRT102076)\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP Helion CloudSystem software:\n\nHP Helion CloudSystem 8.x series\n\nNote: Only HP CloudSystem deployment using KVM on RHEL version 6.4 or 6.5 in\nthe control plane or the data plane are affected by this vulnerability\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2015-3456 (AV:A/AC:L/Au:S/C:C/I:C/A:C) 7.7\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP recommends following remediation steps to resolve the vulnerability in HP\nHelion CloudSystem. \n\nThe following steps are recommended by Red Hat (\nhttps://access.redhat.com/articles/1444903 ) and must be applied for each\ncontrol plane and data plane node that is using KVM for virtualization:\n\nLogin to the node\n\nUpgrade the QEMU package for your system using the command: \u0027yum update\nqemu-kvm\u0027. A full system update may be applied using the command \u0027yum\nupdate\u0027. Refer to the HP Helion CloudSystem administrative\nguide ( http://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docI\nd=c04376928 ) for instructions on restarting appliances. \n\nHISTORY\nVersion:1 (rev.1) - 9 June 2015 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2015 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: kvm security update\nAdvisory ID: RHSA-2015:1003-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2015-1003.html\nIssue date: 2015-05-13\nCVE Names: CVE-2015-3456 \n=====================================================================\n\n1. Summary:\n\nUpdated kvm packages that fix one security issue are now available for Red\nHat Enterprise Linux 5. \n\nRed Hat Product Security has rated this update as having Important security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section. \n\n2. Relevant releases/architectures:\n\nRHEL Desktop Multi OS (v. 5 client) - x86_64\nRHEL Virtualization (v. 5 server) - x86_64\n\n3. Description:\n\nKVM (Kernel-based Virtual Machine) is a full virtualization solution for\nLinux on AMD64 and Intel 64 systems. \n\nAn out-of-bounds memory access flaw was found in the way QEMU\u0027s virtual\nFloppy Disk Controller (FDC) handled FIFO buffer access while processing\ncertain FDC commands. A privileged guest user could use this flaw to crash\nthe guest or, potentially, execute arbitrary code on the host with the\nprivileges of the host\u0027s QEMU process corresponding to the guest. \n(CVE-2015-3456)\n\nRed Hat would like to thank Jason Geffner of CrowdStrike for reporting\nthis issue. \n\nAll kvm users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. Note: The procedure in\nthe Solution section must be performed before this update will take effect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe following procedure must be performed before this update will take\neffect:\n\n1) Stop all KVM guest virtual machines. \n\n2) Either reboot the hypervisor machine or, as the root user, remove (using\n\"modprobe -r [module]\") and reload (using \"modprobe [module]\") all of the\nfollowing modules which are currently running (determined using \"lsmod\"):\nkvm, ksm, kvm-intel or kvm-amd. \n\n3) Restart the KVM guest virtual machines. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1218611 - CVE-2015-3456 qemu: fdc: out-of-bounds fifo buffer memory access\n\n6. Package List:\n\nRHEL Desktop Multi OS (v. 5 client):\n\nSource:\nkvm-83-272.el5_11.src.rpm\n\nx86_64:\nkmod-kvm-83-272.el5_11.x86_64.rpm\nkmod-kvm-debug-83-272.el5_11.x86_64.rpm\nkvm-83-272.el5_11.x86_64.rpm\nkvm-debuginfo-83-272.el5_11.x86_64.rpm\nkvm-qemu-img-83-272.el5_11.x86_64.rpm\nkvm-tools-83-272.el5_11.x86_64.rpm\n\nRHEL Virtualization (v. 5 server):\n\nSource:\nkvm-83-272.el5_11.src.rpm\n\nx86_64:\nkmod-kvm-83-272.el5_11.x86_64.rpm\nkmod-kvm-debug-83-272.el5_11.x86_64.rpm\nkvm-83-272.el5_11.x86_64.rpm\nkvm-debuginfo-83-272.el5_11.x86_64.rpm\nkvm-qemu-img-83-272.el5_11.x86_64.rpm\nkvm-tools-83-272.el5_11.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2015-3456\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2015 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFVU1nfXlSAg2UNWIIRAtvxAKCVxqsaYdrCQN16dcpCIKajKnUzHgCfVy1r\n6y8+9uFGI3F4Epc74lb8mrg=\n=sjA3\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. Berrange discovered a denial of service vulnerability in\n the VNC web socket decoder. \n\nFor the oldstable distribution (wheezy), these problems have been fixed\nin version 1.1.2+dfsg-6a+deb7u7 of the qemu source package and in version\n1.1.2+dfsg-6+deb7u7 of the qemu-kvm source package. Only CVE-2015-3456\naffects oldstable. \n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 1:2.1+dfsg-12. \n\nFor the unstable distribution (sid), these problems will be fixed soon. \n\nWe recommend that you upgrade your qemu packages. ============================================================================\nUbuntu Security Notice USN-2608-1\nMay 13, 2015\n\nqemu, qemu-kvm vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 15.04\n- Ubuntu 14.10\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in QEMU. \n\nSoftware Description:\n- qemu: Machine emulator and virtualizer\n- qemu-kvm: Machine emulator and virtualizer\n\nDetails:\n\nJason Geffner discovered that QEMU incorrectly handled the virtual floppy\ndriver. This issue is known as VENOM. In the default installation,\nwhen QEMU is used with libvirt, attackers would be isolated by the libvirt\nAppArmor profile. (CVE-2015-3456)\n\nDaniel P. Berrange discovered that QEMU incorrectly handled VNC websockets. \nA remote attacker could use this issue to cause QEMU to consume memory,\nresulting in a denial of service. This issue only affected Ubuntu 14.04\nLTS, Ubuntu 14.10 and Ubuntu 15.04. (CVE-2015-1779)\n\nJan Beulich discovered that QEMU, when used with Xen, didn\u0027t properly\nrestrict access to PCI command registers. A malicious guest could use this\nissue to cause a denial of service. This issue only affected Ubuntu 14.04\nLTS and Ubuntu 14.10. (CVE-2015-2756)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 15.04:\n qemu-system 1:2.2+dfsg-5expubuntu9.1\n qemu-system-aarch64 1:2.2+dfsg-5expubuntu9.1\n qemu-system-arm 1:2.2+dfsg-5expubuntu9.1\n qemu-system-mips 1:2.2+dfsg-5expubuntu9.1\n qemu-system-misc 1:2.2+dfsg-5expubuntu9.1\n qemu-system-ppc 1:2.2+dfsg-5expubuntu9.1\n qemu-system-sparc 1:2.2+dfsg-5expubuntu9.1\n qemu-system-x86 1:2.2+dfsg-5expubuntu9.1\n\nUbuntu 14.10:\n qemu-system 2.1+dfsg-4ubuntu6.6\n qemu-system-aarch64 2.1+dfsg-4ubuntu6.6\n qemu-system-arm 2.1+dfsg-4ubuntu6.6\n qemu-system-mips 2.1+dfsg-4ubuntu6.6\n qemu-system-misc 2.1+dfsg-4ubuntu6.6\n qemu-system-ppc 2.1+dfsg-4ubuntu6.6\n qemu-system-sparc 2.1+dfsg-4ubuntu6.6\n qemu-system-x86 2.1+dfsg-4ubuntu6.6\n\nUbuntu 14.04 LTS:\n qemu-system 2.0.0+dfsg-2ubuntu1.11\n qemu-system-aarch64 2.0.0+dfsg-2ubuntu1.11\n qemu-system-arm 2.0.0+dfsg-2ubuntu1.11\n qemu-system-mips 2.0.0+dfsg-2ubuntu1.11\n qemu-system-misc 2.0.0+dfsg-2ubuntu1.11\n qemu-system-ppc 2.0.0+dfsg-2ubuntu1.11\n qemu-system-sparc 2.0.0+dfsg-2ubuntu1.11\n qemu-system-x86 2.0.0+dfsg-2ubuntu1.11\n\nUbuntu 12.04 LTS:\n qemu-kvm 1.0+noroms-0ubuntu14.22\n\nAfter a standard system update you need to restart all QEMU virtual\nmachines to make all the necessary changes",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3456"
},
{
"db": "BID",
"id": "74640"
},
{
"db": "VULMON",
"id": "CVE-2015-3456"
},
{
"db": "PACKETSTORM",
"id": "132057"
},
{
"db": "PACKETSTORM",
"id": "131893"
},
{
"db": "PACKETSTORM",
"id": "131894"
},
{
"db": "PACKETSTORM",
"id": "131890"
},
{
"db": "PACKETSTORM",
"id": "135598"
},
{
"db": "PACKETSTORM",
"id": "140113"
},
{
"db": "PACKETSTORM",
"id": "132205"
},
{
"db": "PACKETSTORM",
"id": "131889"
},
{
"db": "PACKETSTORM",
"id": "132083"
},
{
"db": "PACKETSTORM",
"id": "131879"
},
{
"db": "PACKETSTORM",
"id": "131899"
}
],
"trust": 2.25
},
"exploit_availability": {
"_id": null,
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=37053",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-3456"
}
]
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2015-3456",
"trust": 3.1
},
{
"db": "BID",
"id": "74640",
"trust": 2.0
},
{
"db": "JUNIPER",
"id": "JSA10783",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1032917",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1032306",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1032311",
"trust": 1.7
},
{
"db": "EXPLOIT-DB",
"id": "37053",
"trust": 1.7
},
{
"db": "JUNIPER",
"id": "JSA10693",
"trust": 1.7
},
{
"db": "MCAFEE",
"id": "SB10118",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-201505-207",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2015-3456",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132057",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131893",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131894",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131890",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135598",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "140113",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132205",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131889",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132083",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131879",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131899",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-3456"
},
{
"db": "BID",
"id": "74640"
},
{
"db": "PACKETSTORM",
"id": "132057"
},
{
"db": "PACKETSTORM",
"id": "131893"
},
{
"db": "PACKETSTORM",
"id": "131894"
},
{
"db": "PACKETSTORM",
"id": "131890"
},
{
"db": "PACKETSTORM",
"id": "135598"
},
{
"db": "PACKETSTORM",
"id": "140113"
},
{
"db": "PACKETSTORM",
"id": "132205"
},
{
"db": "PACKETSTORM",
"id": "131889"
},
{
"db": "PACKETSTORM",
"id": "132083"
},
{
"db": "PACKETSTORM",
"id": "131879"
},
{
"db": "PACKETSTORM",
"id": "131899"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-207"
},
{
"db": "NVD",
"id": "CVE-2015-3456"
}
]
},
"id": "VAR-201505-0417",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.36158728999999995
},
"last_update_date": "2026-04-10T22:57:00.870000Z",
"patch": {
"_id": null,
"data": [
{
"title": "xsa133-qemuu",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55519"
},
{
"title": "xsa133-qemut",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55518"
},
{
"title": "xsa133-qemuu-4.3-4.2",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55520"
},
{
"title": "qemu.git-e907746266721f305d67bc0718795fedee2e824c",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55517"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2016/05/05/poc_exploit_tripled_2015_study/"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2015/05/19/oracle_patches_venom/"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2015/05/14/venom_analysis/"
},
{
"title": "Debian CVElist Bug Report Logs: virtualbox: CVE-2015-3456: floppy driver host code execution",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=1e9cefc84b9a72ae90225e9ff55d95b7"
},
{
"title": "Debian Security Advisories: DSA-3262-1 xen -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=062e555c99e007ed070757c824f250eb"
},
{
"title": "Debian Security Advisories: DSA-3274-1 virtualbox -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=13673fabccef0c794fd2bc2944597470"
},
{
"title": "Ubuntu Security Notice: qemu, qemu-kvm vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2608-1"
},
{
"title": "Debian Security Advisories: DSA-3259-1 qemu -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=57edcd554beef990c5db7c77e4410e91"
},
{
"title": "Debian CVElist Bug Report Logs: qemu: CVE-2014-9718 CVE-2015-1779",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=a8c61c5fbe108faa83788a9a61ccb677"
},
{
"title": "Symantec Security Advisories: SA95 : VENOM Vulnerability in Virtualization Platforms",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=015b922e5570d0f4c9f66b103d8e694a"
},
{
"title": "Oracle: Oracle Security Alert for CVE-2015-3456",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=222bdb74a04df3dae048eda54c80f9ea"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=459961024c4bdce7bb3a1a40a65a6f2e"
},
{
"title": "elysiumVM",
"trust": 0.1,
"url": "https://github.com/cyberlifetech/elysiumVM "
},
{
"title": "cve-2015-3456",
"trust": 0.1,
"url": "https://github.com/vincentbernat/cve-2015-3456 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/RUB-SysSec/Hypercube "
},
{
"title": "laputa",
"trust": 0.1,
"url": "https://github.com/takuzoo3868/laputa "
},
{
"title": "cookbook-xs-maintenance",
"trust": 0.1,
"url": "https://github.com/pigram86/cookbook-xs-maintenance "
},
{
"title": "rhsecapi",
"trust": 0.1,
"url": "https://github.com/RedHatOfficial/rhsecapi "
},
{
"title": "cve-pylib",
"trust": 0.1,
"url": "https://github.com/RedHatProductSecurity/cve-pylib "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-3456"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-207"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-119",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3456"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.6,
"url": "http://support.citrix.com/article/ctx201078"
},
{
"trust": 2.3,
"url": "http://www.debian.org/security/2015/dsa-3274"
},
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/74640"
},
{
"trust": 2.3,
"url": "http://www.debian.org/security/2015/dsa-3259"
},
{
"trust": 2.3,
"url": "http://www.debian.org/security/2015/dsa-3262"
},
{
"trust": 2.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1000.html"
},
{
"trust": 2.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1001.html"
},
{
"trust": 2.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1004.html"
},
{
"trust": 2.0,
"url": "http://rhn.redhat.com/errata/rhsa-2015-0999.html"
},
{
"trust": 2.0,
"url": "http://xenbits.xen.org/xsa/advisory-133.html"
},
{
"trust": 2.0,
"url": "https://securityblog.redhat.com/2015/05/13/venom-dont-get-bitten/"
},
{
"trust": 2.0,
"url": "http://venom.crowdstrike.com/"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"trust": 2.0,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1011.html"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/articles/1444903"
},
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1003.html"
},
{
"trust": 1.8,
"url": "http://www.ubuntu.com/usn/usn-2608-1"
},
{
"trust": 1.8,
"url": "https://www.exploit-db.com/exploits/37053/"
},
{
"trust": 1.8,
"url": "https://security.gentoo.org/glsa/201612-27"
},
{
"trust": 1.8,
"url": "https://security.gentoo.org/glsa/201602-01"
},
{
"trust": 1.7,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1002.html"
},
{
"trust": 1.7,
"url": "http://rhn.redhat.com/errata/rhsa-2015-0998.html"
},
{
"trust": 1.7,
"url": "https://www.suse.com/security/cve/cve-2015-3456.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00021.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00019.html"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=143229451215900\u0026w=2"
},
{
"trust": 1.7,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10118"
},
{
"trust": 1.7,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-may/158072.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00042.html"
},
{
"trust": 1.7,
"url": "https://support.lenovo.com/us/en/product_security/venom"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=143387998230996\u0026w=2"
},
{
"trust": 1.7,
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-438937.htm"
},
{
"trust": 1.7,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10693"
},
{
"trust": 1.7,
"url": "https://bto.bluecoat.com/security-advisory/sa95"
},
{
"trust": 1.7,
"url": "http://www.fortiguard.com/advisory/2015-05-19-cve-2015-3456-venom-vulnerability"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-updates/2015-08/msg00021.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00001.html"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1032311"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1032306"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00018.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00014.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00013.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00009.html"
},
{
"trust": 1.7,
"url": "https://kb.juniper.net/jsa10783"
},
{
"trust": 1.7,
"url": "https://security.gentoo.org/glsa/201604-03"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1032917"
},
{
"trust": 1.7,
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1128-security-advisory-10"
},
{
"trust": 1.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3456"
},
{
"trust": 1.0,
"url": "http://git.qemu.org/?p=qemu.git%3ba=commitdiff%3bh=e907746266721f305d67bc0718795fedee2e824c"
},
{
"trust": 0.7,
"url": "http://git.qemu.org/?p=qemu.git;a=commitdiff;h=e907746266721f305d67bc0718795fedee2e824c"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.5,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2015-3456"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.4,
"url": "https://rhn.redhat.com/errata/rhsa-2015-1031.html"
},
{
"trust": 0.4,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.3,
"url": "http://git.qemu.org/?p=qemu.git;a=commit;h=e907746266721f305d67bc0718795fedee2e824c"
},
{
"trust": 0.3,
"url": "http://wiki.qemu.org/main_page"
},
{
"trust": 0.3,
"url": "https://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10783\u0026cat=sirt_1\u0026actp=list"
},
{
"trust": 0.3,
"url": "http://www.fortiguard.com/advisory/fg-ir-15-012/"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/may/129"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04706564"
},
{
"trust": 0.3,
"url": "https://www.suse.com/support/kb/doc.php?id=7016497"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-438937.htm"
},
{
"trust": 0.3,
"url": "https://help.joyent.com/entries/68099220-security-advisory-on-venom-cve-2015-3456-in-kvm-qemu"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5098681"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903743"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022292"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-notices/archive/hw-428704.htm"
},
{
"trust": 0.3,
"url": "https://www.suse.com/support/update/announcement/2015/suse-su-20150889-1.html"
},
{
"trust": 0.3,
"url": "https://www.suse.com/support/update/announcement/2015/suse-su-20150943-1.html"
},
{
"trust": 0.3,
"url": "https://www.suse.com/support/update/announcement/2015/suse-su-20150896-1.html"
},
{
"trust": 0.3,
"url": "https://www.suse.com/support/update/announcement/2015/suse-su-20150889-2.html"
},
{
"trust": 0.3,
"url": "https://www.suse.com/support/update/announcement/2015/suse-su-20150944-1.html"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/connections/blogs/psirt/entry/venom_cve_2015_3456?lang=en_us"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1779"
},
{
"trust": 0.2,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.2,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-3456"
},
{
"trust": 0.2,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.2,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2756"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://github.com/cyberlifetech/elysiumvm"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=38855"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2608-1/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1779"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7549"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8558"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7504"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8345"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5278"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8745"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5278"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8701"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5279"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7512"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8568"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6815"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8745"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7295"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5225"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8345"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8568"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7504"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8567"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6855"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5745"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8504"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8556"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8743"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1568"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1568"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5279"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8556"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5225"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6815"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7295"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8666"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8701"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8504"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8558"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7512"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8743"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8744"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5745"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6855"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7549"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8666"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8744"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-5611"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-5610"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-6595"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0418"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-6590"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0983"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-5608"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0377"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0377"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0427"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-5613"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6588"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6595"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0427"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-6589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0983"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-5610"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-5608"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0418"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-6588"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6590"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-5613"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-5611"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6589"
},
{
"trust": 0.1,
"url": "http://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?doci"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.1,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9718"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/qemu/2.0.0+dfsg-2ubuntu1.11"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/qemu/1:2.2+dfsg-5expubuntu9.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/qemu/2.1+dfsg-4ubuntu6.6"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/qemu-kvm/1.0+noroms-0ubuntu14.22"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-3456"
},
{
"db": "BID",
"id": "74640"
},
{
"db": "PACKETSTORM",
"id": "132057"
},
{
"db": "PACKETSTORM",
"id": "131893"
},
{
"db": "PACKETSTORM",
"id": "131894"
},
{
"db": "PACKETSTORM",
"id": "131890"
},
{
"db": "PACKETSTORM",
"id": "135598"
},
{
"db": "PACKETSTORM",
"id": "140113"
},
{
"db": "PACKETSTORM",
"id": "132205"
},
{
"db": "PACKETSTORM",
"id": "131889"
},
{
"db": "PACKETSTORM",
"id": "132083"
},
{
"db": "PACKETSTORM",
"id": "131879"
},
{
"db": "PACKETSTORM",
"id": "131899"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-207"
},
{
"db": "NVD",
"id": "CVE-2015-3456"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULMON",
"id": "CVE-2015-3456",
"ident": null
},
{
"db": "BID",
"id": "74640",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132057",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "131893",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "131894",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "131890",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "135598",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "140113",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132205",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "131889",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132083",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "131879",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "131899",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201505-207",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2015-3456",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2015-05-13T00:00:00",
"db": "VULMON",
"id": "CVE-2015-3456",
"ident": null
},
{
"date": "2015-05-13T00:00:00",
"db": "BID",
"id": "74640",
"ident": null
},
{
"date": "2015-05-28T05:28:18",
"db": "PACKETSTORM",
"id": "132057",
"ident": null
},
{
"date": "2015-05-13T19:45:32",
"db": "PACKETSTORM",
"id": "131893",
"ident": null
},
{
"date": "2015-05-13T19:45:39",
"db": "PACKETSTORM",
"id": "131894",
"ident": null
},
{
"date": "2015-05-13T19:45:08",
"db": "PACKETSTORM",
"id": "131890",
"ident": null
},
{
"date": "2016-02-04T21:45:16",
"db": "PACKETSTORM",
"id": "135598",
"ident": null
},
{
"date": "2016-12-12T04:22:22",
"db": "PACKETSTORM",
"id": "140113",
"ident": null
},
{
"date": "2015-06-10T01:23:25",
"db": "PACKETSTORM",
"id": "132205",
"ident": null
},
{
"date": "2015-05-13T19:44:59",
"db": "PACKETSTORM",
"id": "131889",
"ident": null
},
{
"date": "2015-05-29T23:37:29",
"db": "PACKETSTORM",
"id": "132083",
"ident": null
},
{
"date": "2015-05-13T17:43:32",
"db": "PACKETSTORM",
"id": "131879",
"ident": null
},
{
"date": "2015-05-13T19:17:35",
"db": "PACKETSTORM",
"id": "131899",
"ident": null
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-207",
"ident": null
},
{
"date": "2015-05-13T18:59:00.157000",
"db": "NVD",
"id": "CVE-2015-3456",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2021-11-17T00:00:00",
"db": "VULMON",
"id": "CVE-2015-3456",
"ident": null
},
{
"date": "2017-04-18T00:05:00",
"db": "BID",
"id": "74640",
"ident": null
},
{
"date": "2021-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-207",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-3456",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "specific network environment",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-207"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "QEMU Floppy Disk Controller Buffer error vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-207"
}
],
"trust": 0.6
},
"type": {
"_id": null,
"data": "arbitrary",
"sources": [
{
"db": "PACKETSTORM",
"id": "132057"
},
{
"db": "PACKETSTORM",
"id": "131893"
},
{
"db": "PACKETSTORM",
"id": "131894"
},
{
"db": "PACKETSTORM",
"id": "131890"
},
{
"db": "PACKETSTORM",
"id": "132205"
},
{
"db": "PACKETSTORM",
"id": "131889"
},
{
"db": "PACKETSTORM",
"id": "131899"
}
],
"trust": 0.7
}
}
VAR-201205-0195
Vulnerability from variot - Updated: 2026-04-10 22:45Off-by-one error in libxml2, as used in Google Chrome before 19.0.1084.46 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors. Google Chrome is prone to multiple vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of the browser, bypass security restrictions or cause denial-of-service conditions; other attacks may also be possible. Versions prior to Chrome 19 are vulnerable.
For the stable distribution (squeeze), this problem has been fixed in version 2.7.8.dfsg-2+squeeze4.
For the unstable distribution (sid), this problem has been fixed in version 2.7.8.dfsg-9.1. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . An attacker with a privileged network position may inject arbitrary contents. This issue was addressed by using an encrypted HTTPS connection to retrieve tutorials.
A denial of service flaw was found in the way libxml2 performed string substitutions when entity values for entity references replacement was enabled. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Moderate: libxml2 security update Advisory ID: RHSA-2012:1288-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1288.html Issue date: 2012-09-18 CVE Names: CVE-2011-3102 CVE-2012-2807 =====================================================================
- Summary:
Updated libxml2 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6.
The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
- Description:
The libxml2 library is a development toolbox providing the implementation of various XML standards.
Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way libxml2 handled documents that enable entity expansion. A remote attacker could provide a large, specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2012-2807)
A one byte buffer overflow was found in the way libxml2 evaluated certain parts of XML Pointer Language (XPointer) expressions. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-3102)
All users of libxml2 are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The desktop must be restarted (log out, then log back in) for this update to take effect.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258
- Package List:
Red Hat Enterprise Linux Desktop (v. 5 client):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/libxml2-2.6.26-2.1.15.el5_8.5.src.rpm
i386: libxml2-2.6.26-2.1.15.el5_8.5.i386.rpm libxml2-debuginfo-2.6.26-2.1.15.el5_8.5.i386.rpm libxml2-python-2.6.26-2.1.15.el5_8.5.i386.rpm
x86_64: libxml2-2.6.26-2.1.15.el5_8.5.i386.rpm libxml2-2.6.26-2.1.15.el5_8.5.x86_64.rpm libxml2-debuginfo-2.6.26-2.1.15.el5_8.5.i386.rpm libxml2-debuginfo-2.6.26-2.1.15.el5_8.5.x86_64.rpm libxml2-python-2.6.26-2.1.15.el5_8.5.x86_64.rpm
RHEL Desktop Workstation (v. 5 client):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/libxml2-2.6.26-2.1.15.el5_8.5.src.rpm
i386: libxml2-debuginfo-2.6.26-2.1.15.el5_8.5.i386.rpm libxml2-devel-2.6.26-2.1.15.el5_8.5.i386.rpm
x86_64: libxml2-debuginfo-2.6.26-2.1.15.el5_8.5.i386.rpm libxml2-debuginfo-2.6.26-2.1.15.el5_8.5.x86_64.rpm libxml2-devel-2.6.26-2.1.15.el5_8.5.i386.rpm libxml2-devel-2.6.26-2.1.15.el5_8.5.x86_64.rpm
Red Hat Enterprise Linux (v. 5 server):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/libxml2-2.6.26-2.1.15.el5_8.5.src.rpm
i386: libxml2-2.6.26-2.1.15.el5_8.5.i386.rpm libxml2-debuginfo-2.6.26-2.1.15.el5_8.5.i386.rpm libxml2-devel-2.6.26-2.1.15.el5_8.5.i386.rpm libxml2-python-2.6.26-2.1.15.el5_8.5.i386.rpm
ia64: libxml2-2.6.26-2.1.15.el5_8.5.i386.rpm libxml2-2.6.26-2.1.15.el5_8.5.ia64.rpm libxml2-debuginfo-2.6.26-2.1.15.el5_8.5.i386.rpm libxml2-debuginfo-2.6.26-2.1.15.el5_8.5.ia64.rpm libxml2-devel-2.6.26-2.1.15.el5_8.5.ia64.rpm libxml2-python-2.6.26-2.1.15.el5_8.5.ia64.rpm
ppc: libxml2-2.6.26-2.1.15.el5_8.5.ppc.rpm libxml2-2.6.26-2.1.15.el5_8.5.ppc64.rpm libxml2-debuginfo-2.6.26-2.1.15.el5_8.5.ppc.rpm libxml2-debuginfo-2.6.26-2.1.15.el5_8.5.ppc64.rpm libxml2-devel-2.6.26-2.1.15.el5_8.5.ppc.rpm libxml2-devel-2.6.26-2.1.15.el5_8.5.ppc64.rpm libxml2-python-2.6.26-2.1.15.el5_8.5.ppc.rpm
s390x: libxml2-2.6.26-2.1.15.el5_8.5.s390.rpm libxml2-2.6.26-2.1.15.el5_8.5.s390x.rpm libxml2-debuginfo-2.6.26-2.1.15.el5_8.5.s390.rpm libxml2-debuginfo-2.6.26-2.1.15.el5_8.5.s390x.rpm libxml2-devel-2.6.26-2.1.15.el5_8.5.s390.rpm libxml2-devel-2.6.26-2.1.15.el5_8.5.s390x.rpm libxml2-python-2.6.26-2.1.15.el5_8.5.s390x.rpm
x86_64: libxml2-2.6.26-2.1.15.el5_8.5.i386.rpm libxml2-2.6.26-2.1.15.el5_8.5.x86_64.rpm libxml2-debuginfo-2.6.26-2.1.15.el5_8.5.i386.rpm libxml2-debuginfo-2.6.26-2.1.15.el5_8.5.x86_64.rpm libxml2-devel-2.6.26-2.1.15.el5_8.5.i386.rpm libxml2-devel-2.6.26-2.1.15.el5_8.5.x86_64.rpm libxml2-python-2.6.26-2.1.15.el5_8.5.x86_64.rpm
Red Hat Enterprise Linux Desktop (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/libxml2-2.7.6-8.el6_3.3.src.rpm
i386: libxml2-2.7.6-8.el6_3.3.i686.rpm libxml2-debuginfo-2.7.6-8.el6_3.3.i686.rpm libxml2-python-2.7.6-8.el6_3.3.i686.rpm
x86_64: libxml2-2.7.6-8.el6_3.3.i686.rpm libxml2-2.7.6-8.el6_3.3.x86_64.rpm libxml2-debuginfo-2.7.6-8.el6_3.3.i686.rpm libxml2-debuginfo-2.7.6-8.el6_3.3.x86_64.rpm libxml2-python-2.7.6-8.el6_3.3.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/libxml2-2.7.6-8.el6_3.3.src.rpm
i386: libxml2-debuginfo-2.7.6-8.el6_3.3.i686.rpm libxml2-devel-2.7.6-8.el6_3.3.i686.rpm libxml2-static-2.7.6-8.el6_3.3.i686.rpm
x86_64: libxml2-debuginfo-2.7.6-8.el6_3.3.i686.rpm libxml2-debuginfo-2.7.6-8.el6_3.3.x86_64.rpm libxml2-devel-2.7.6-8.el6_3.3.i686.rpm libxml2-devel-2.7.6-8.el6_3.3.x86_64.rpm libxml2-static-2.7.6-8.el6_3.3.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/libxml2-2.7.6-8.el6_3.3.src.rpm
x86_64: libxml2-2.7.6-8.el6_3.3.i686.rpm libxml2-2.7.6-8.el6_3.3.x86_64.rpm libxml2-debuginfo-2.7.6-8.el6_3.3.i686.rpm libxml2-debuginfo-2.7.6-8.el6_3.3.x86_64.rpm libxml2-python-2.7.6-8.el6_3.3.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/libxml2-2.7.6-8.el6_3.3.src.rpm
x86_64: libxml2-debuginfo-2.7.6-8.el6_3.3.i686.rpm libxml2-debuginfo-2.7.6-8.el6_3.3.x86_64.rpm libxml2-devel-2.7.6-8.el6_3.3.i686.rpm libxml2-devel-2.7.6-8.el6_3.3.x86_64.rpm libxml2-static-2.7.6-8.el6_3.3.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/libxml2-2.7.6-8.el6_3.3.src.rpm
i386: libxml2-2.7.6-8.el6_3.3.i686.rpm libxml2-debuginfo-2.7.6-8.el6_3.3.i686.rpm libxml2-devel-2.7.6-8.el6_3.3.i686.rpm libxml2-python-2.7.6-8.el6_3.3.i686.rpm
ppc64: libxml2-2.7.6-8.el6_3.3.ppc.rpm libxml2-2.7.6-8.el6_3.3.ppc64.rpm libxml2-debuginfo-2.7.6-8.el6_3.3.ppc.rpm libxml2-debuginfo-2.7.6-8.el6_3.3.ppc64.rpm libxml2-devel-2.7.6-8.el6_3.3.ppc.rpm libxml2-devel-2.7.6-8.el6_3.3.ppc64.rpm libxml2-python-2.7.6-8.el6_3.3.ppc64.rpm
s390x: libxml2-2.7.6-8.el6_3.3.s390.rpm libxml2-2.7.6-8.el6_3.3.s390x.rpm libxml2-debuginfo-2.7.6-8.el6_3.3.s390.rpm libxml2-debuginfo-2.7.6-8.el6_3.3.s390x.rpm libxml2-devel-2.7.6-8.el6_3.3.s390.rpm libxml2-devel-2.7.6-8.el6_3.3.s390x.rpm libxml2-python-2.7.6-8.el6_3.3.s390x.rpm
x86_64: libxml2-2.7.6-8.el6_3.3.i686.rpm libxml2-2.7.6-8.el6_3.3.x86_64.rpm libxml2-debuginfo-2.7.6-8.el6_3.3.i686.rpm libxml2-debuginfo-2.7.6-8.el6_3.3.x86_64.rpm libxml2-devel-2.7.6-8.el6_3.3.i686.rpm libxml2-devel-2.7.6-8.el6_3.3.x86_64.rpm libxml2-python-2.7.6-8.el6_3.3.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/libxml2-2.7.6-8.el6_3.3.src.rpm
i386: libxml2-debuginfo-2.7.6-8.el6_3.3.i686.rpm libxml2-static-2.7.6-8.el6_3.3.i686.rpm
ppc64: libxml2-debuginfo-2.7.6-8.el6_3.3.ppc64.rpm libxml2-static-2.7.6-8.el6_3.3.ppc64.rpm
s390x: libxml2-debuginfo-2.7.6-8.el6_3.3.s390x.rpm libxml2-static-2.7.6-8.el6_3.3.s390x.rpm
x86_64: libxml2-debuginfo-2.7.6-8.el6_3.3.x86_64.rpm libxml2-static-2.7.6-8.el6_3.3.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/libxml2-2.7.6-8.el6_3.3.src.rpm
i386: libxml2-2.7.6-8.el6_3.3.i686.rpm libxml2-debuginfo-2.7.6-8.el6_3.3.i686.rpm libxml2-devel-2.7.6-8.el6_3.3.i686.rpm libxml2-python-2.7.6-8.el6_3.3.i686.rpm
x86_64: libxml2-2.7.6-8.el6_3.3.i686.rpm libxml2-2.7.6-8.el6_3.3.x86_64.rpm libxml2-debuginfo-2.7.6-8.el6_3.3.i686.rpm libxml2-debuginfo-2.7.6-8.el6_3.3.x86_64.rpm libxml2-devel-2.7.6-8.el6_3.3.i686.rpm libxml2-devel-2.7.6-8.el6_3.3.x86_64.rpm libxml2-python-2.7.6-8.el6_3.3.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/libxml2-2.7.6-8.el6_3.3.src.rpm
i386: libxml2-debuginfo-2.7.6-8.el6_3.3.i686.rpm libxml2-static-2.7.6-8.el6_3.3.i686.rpm
x86_64: libxml2-debuginfo-2.7.6-8.el6_3.3.x86_64.rpm libxml2-static-2.7.6-8.el6_3.3.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2011-3102.html https://www.redhat.com/security/data/cve/CVE-2012-2807.html https://access.redhat.com/security/updates/classification/#moderate
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2012 Red Hat, Inc. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201207-02
http://security.gentoo.org/
Severity: Normal Title: libxml2: User-assisted execution of arbitrary code Date: July 09, 2012 Bugs: #416209 ID: 201207-02
Synopsis
A off-by-one error in libxml2 could result in execution of arbitrary code or Denial of Service.
Background
libxml2 is the XML C parser and toolkit developed for the Gnome project.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/libxml2 < 2.8.0_rc1 >= 2.8.0_rc1
Description
The "xmlXPtrEvalXPtrPart()" function in xpointer.c contains an off-by-one error.
Workaround
There is no known workaround at this time.
Resolution
All libxml2 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/libxml2-2.8.0_rc1"
References
[ 1 ] CVE-2011-3102 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3102
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201207-02.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . ============================================================================ Ubuntu Security Notice USN-1447-1 May 21, 2012
libxml2 vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
- Ubuntu 11.10
- Ubuntu 11.04
- Ubuntu 10.04 LTS
- Ubuntu 8.04 LTS
Summary:
Applications using libxml2 could be made to crash or run programs as your login if they opened a specially crafted file.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 LTS: libxml2 2.7.8.dfsg-5.1ubuntu4.1
Ubuntu 11.10: libxml2 2.7.8.dfsg-4ubuntu0.3
Ubuntu 11.04: libxml2 2.7.8.dfsg-2ubuntu0.4
Ubuntu 10.04 LTS: libxml2 2.7.6.dfsg-1ubuntu1.5
Ubuntu 8.04 LTS: libxml2 2.6.31.dfsg-2ubuntu1.9
After a standard system update you need to reboot your computer to make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
APPLE-SA-2013-09-18-2 iOS 7
iOS 7 is now available and addresses the following:
Certificate Trust Policy Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Root certificates have been updated Description: Several certificates were added to or removed from the list of system roots.
CoreGraphics Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of JBIG2 encoded data in PDF files. This issue was addressed through additional bounds checking. CVE-ID CVE-2013-1025 : Felix Groebert of the Google Security Team
CoreMedia Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Playing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of Sorenson encoded movie files. This issue was addressed through improved bounds checking. CVE-ID CVE-2013-1019 : Tom Gallagher (Microsoft) & Paul Bates (Microsoft) working with HP's Zero Day Initiative
Data Protection Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Apps could bypass passcode-attempt restrictions Description: A privilege separation issue existed in Data Protection. An app within the third-party sandbox could repeatedly attempt to determine the user's passcode regardless of the user's "Erase Data" setting. This issue was addressed by requiring additional entitlement checks. CVE-ID CVE-2013-0957 : Jin Han of the Institute for Infocomm Research working with Qiang Yan and Su Mon Kywe of Singapore Management University
Data Security Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker with a privileged network position may intercept user credentials or other sensitive information Description: TrustWave, a trusted root CA, has issued, and subsequently revoked, a sub-CA certificate from one of its trusted anchors. This sub-CA facilitated the interception of communications secured by Transport Layer Security (TLS). This update added the involved sub-CA certificate to OS X's list of untrusted certificates. CVE-ID CVE-2013-5134
dyld Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker who has arbitrary code execution on a device may be able to persist code execution across reboots Description: Multiple buffer overflows existed in dyld's openSharedCacheFile() function. These issues were addressed through improved bounds checking. CVE-ID CVE-2013-3950 : Stefan Esser
File Systems Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker who can mount a non-HFS filesystem may be able to cause an unexpected system termination or arbitrary code execution with kernel privileges Description: A memory corruption issue existed in the handling of AppleDouble files. This issue was addressed by removing support for AppleDouble files. CVE-ID CVE-2013-3955 : Stefan Esser
ImageIO Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of JPEG2000 encoded data in PDF files. This issue was addressed through additional bounds checking. CVE-ID CVE-2013-1026 : Felix Groebert of the Google Security Team
IOKit Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Background applications could inject user interface events into the foreground app Description: It was possible for background applications to inject user interface events into the foreground application using the task completion or VoIP APIs. This issue was addressed by enforcing access controls on foreground and background processes that handle interface events. CVE-ID CVE-2013-5137 : Mackenzie Straight at Mobile Labs
IOKitUser Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious local application could cause an unexpected system termination Description: A null pointer dereference existed in IOCatalogue. The issue was addressed through additional type checking. CVE-ID CVE-2013-5138 : Will Estes
IOSerialFamily Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Executing a malicious application may result in arbitrary code execution within the kernel Description: An out of bounds array access existed in the IOSerialFamily driver. This issue was addressed through additional bounds checking. CVE-ID CVE-2013-5139 : @dent1zt
IPSec Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker may intercept data protected with IPSec Hybrid Auth Description: The DNS name of an IPSec Hybrid Auth server was not being matched against the certificate, allowing an attacker with a certificate for any server to impersonate any other. This issue was addressed by improved certificate checking. CVE-ID CVE-2013-1028 : Alexander Traud of www.traud.de
Kernel Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A remote attacker can cause a device to unexpectedly restart Description: Sending an invalid packet fragment to a device can cause a kernel assert to trigger, leading to a device restart. The issue was addressed through additional validation of packet fragments. CVE-ID CVE-2013-5140 : Joonas Kuorilehto of Codenomicon, an anonymous researcher working with CERT-FI, Antti LevomAki and Lauri Virtanen of Vulnerability Analysis Group, Stonesoft
Kernel Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious local application could cause device hang Description: An integer truncation vulnerability in the kernel socket interface could be leveraged to force the CPU into an infinite loop. The issue was addressed by using a larger sized variable. CVE-ID CVE-2013-5141 : CESG
Kernel Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker on a local network can cause a denial of service Description: An attacker on a local network can send specially crafted IPv6 ICMP packets and cause high CPU load. The issue was addressed by rate limiting ICMP packets before verifying their checksum. CVE-ID CVE-2011-2391 : Marc Heuse
Kernel Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Kernel stack memory may be disclosed to local users Description: An information disclosure issue existed in the msgctl and segctl APIs. This issue was addressed by initializing data structures returned from the kernel. CVE-ID CVE-2013-5142 : Kenzley Alphonse of Kenx Technology, Inc
Kernel Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Unprivileged processes could get access to the contents of kernel memory which could lead to privilege escalation Description: An information disclosure issue existed in the mach_port_space_info API. This issue was addressed by initializing the iin_collision field in structures returned from the kernel. CVE-ID CVE-2013-3953 : Stefan Esser
Kernel Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Unprivileged processes may be able to cause an unexpected system termination or arbitrary code execution in the kernel Description: A memory corruption issue existed in the handling of arguments to the posix_spawn API. This issue was addressed through additional bounds checking. CVE-ID CVE-2013-3954 : Stefan Esser
Kext Management Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An unauthorized process may modify the set of loaded kernel extensions Description: An issue existed in kextd's handling of IPC messages from unauthenticated senders. This issue was addressed by adding additional authorization checks. CVE-ID CVE-2013-5145 : "Rainbow PRISM"
libxml Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Viewing a maliciously crafted web page may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in libxml. These issues were addressed by updating libxml to version 2.9.0. CVE-ID CVE-2011-3102 : Juri Aedla CVE-2012-0841 CVE-2012-2807 : Juri Aedla CVE-2012-5134 : Google Chrome Security Team (Juri Aedla)
libxslt Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Viewing a maliciously crafted web page may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in libxslt. These issues were addressed by updating libxslt to version 1.1.28. CVE-ID CVE-2012-2825 : Nicolas Gregoire CVE-2012-2870 : Nicolas Gregoire CVE-2012-2871 : Kai Lu of Fortinet's FortiGuard Labs, Nicolas Gregoire
Passcode Lock Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A person with physical access to the device may be able to bypass the screen lock Description: A race condition issue existed in the handling of phone calls and SIM card ejection at the lock screen. This issue was addressed through improved lock state management. CVE-ID CVE-2013-5147 : videosdebarraquito
Personal Hotspot Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker may be able to join a Personal Hotspot network Description: An issue existed in the generation of Personal Hotspot passwords, resulting in passwords that could be predicted by an attacker to join a user's Personal Hotspot. The issue was addressed by generating passwords with higher entropy. CVE-ID CVE-2013-4616 : Andreas Kurtz of NESO Security Labs and Daniel Metz of University Erlangen-Nuremberg
Push Notifications Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: The push notification token may be disclosed to an app contrary to the user's decision Description: An information disclosure issue existed in push notification registration. Apps requesting access to the push notification access received the token before the user approved the app's use of push notifications. This issue was addressed by withholding access to the token until the user has approved access. CVE-ID CVE-2013-5149 : Jack Flintermann of Grouper, Inc.
Safari Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the handling of XML files. This issue was addressed through additional bounds checking. CVE-ID CVE-2013-1036 : Kai Lu of Fortinet's FortiGuard Labs
Safari Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: History of pages recently visited in an open tab may remain after clearing of history Description: Clearing Safari's history did not clear the back/forward history for open tabs. This issue was addressed by clearing the back/forward history. CVE-ID CVE-2013-5150
Safari Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Viewing files on a website may lead to script execution even when the server sends a 'Content-Type: text/plain' header Description: Mobile Safari sometimes treated files as HTML files even when the server sent a 'Content-Type: text/plain' header. This may lead to cross-site scripting on sites that allow users to upload files. This issue was addressed through improved handling of files when 'Content-Type: text/plain' is set. CVE-ID CVE-2013-5151 : Ben Toews of Github
Safari Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a malicious website may allow an arbitrary URL to be displayed Description: A URL bar spoofing issue existed in Mobile Safari. This issue was addressed through improved URL tracking. CVE-ID CVE-2013-5152 : Keita Haga of keitahaga.com, Lukasz Pilorz of RBS
Sandbox Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Applications that are scripts were not sandboxed Description: Third-party applications which used the #! syntax to run a script were sandboxed based on the identity of the script interpreter, not the script. The interpreter may not have a sandbox defined, leading to the application being run unsandboxed. This issue was addressed by creating the sandbox based on the identity of the script. CVE-ID CVE-2013-5154 : evad3rs
Sandbox Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Applications can cause a system hang Description: Malicious third-party applications that wrote specific values to the /dev/random device could force the CPU to enter an infinite loop. This issue was addressed by preventing third-party applications from writing to /dev/random. CVE-ID CVE-2013-5155 : CESG
Social Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Users recent Twitter activity could be disclosed on devices with no passcode. Description: An issue existed where it was possible to determine what Twitter accounts a user had recently interacted with. This issue was resolved by restricting access to the Twitter icon cache. CVE-ID CVE-2013-5158 : Jonathan Zdziarski
Springboard Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A person with physical access to a device in Lost Mode may be able to view notifications Description: An issue existed in the handling of notifications when a device is in Lost Mode. This update addresses the issue with improved lock state management. CVE-ID CVE-2013-5153 : Daniel Stangroom
Telephony Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Malicious apps could interfere with or control telephony functionality Description: An access control issue existed in the telephony subsystem. Bypassing supported APIs, sandboxed apps could make requests directly to a system daemon interfering with or controlling telephony functionality. This issue was addressed by enforcing access controls on interfaces exposed by the telephony daemon. CVE-ID CVE-2013-5156 : Jin Han of the Institute for Infocomm Research working with Qiang Yan and Su Mon Kywe of Singapore Management University; Tielei Wang, Kangjie Lu, Long Lu, Simon Chung, and Wenke Lee from the Georgia Institute of Technology
Twitter Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Sandboxed apps could send tweets without user interaction or permission Description: An access control issue existed in the Twitter subsystem. Bypassing supported APIs, sandboxed apps could make requests directly to a system daemon interfering with or controlling Twitter functionality. This issue was addressed by enforcing access controls on interfaces exposed by the Twitter daemon. CVE-ID CVE-2013-5157 : Jin Han of the Institute for Infocomm Research working with Qiang Yan and Su Mon Kywe of Singapore Management University; Tielei Wang, Kangjie Lu, Long Lu, Simon Chung, and Wenke Lee from the Georgia Institute of Technology
WebKit Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling. CVE-ID CVE-2013-0879 : Atte Kettunen of OUSPG CVE-2013-0991 : Jay Civelli of the Chromium development community CVE-2013-0992 : Google Chrome Security Team (Martin Barbella) CVE-2013-0993 : Google Chrome Security Team (Inferno) CVE-2013-0994 : David German of Google CVE-2013-0995 : Google Chrome Security Team (Inferno) CVE-2013-0996 : Google Chrome Security Team (Inferno) CVE-2013-0997 : Vitaliy Toropov working with HP's Zero Day Initiative CVE-2013-0998 : pa_kt working with HP's Zero Day Initiative CVE-2013-0999 : pa_kt working with HP's Zero Day Initiative CVE-2013-1000 : Fermin J. Serna of the Google Security Team CVE-2013-1001 : Ryan Humenick CVE-2013-1002 : Sergey Glazunov CVE-2013-1003 : Google Chrome Security Team (Inferno) CVE-2013-1004 : Google Chrome Security Team (Martin Barbella) CVE-2013-1005 : Google Chrome Security Team (Martin Barbella) CVE-2013-1006 : Google Chrome Security Team (Martin Barbella) CVE-2013-1007 : Google Chrome Security Team (Inferno) CVE-2013-1008 : Sergey Glazunov CVE-2013-1010 : miaubiz CVE-2013-1037 : Google Chrome Security Team CVE-2013-1038 : Google Chrome Security Team CVE-2013-1039 : own-hero Research working with iDefense VCP CVE-2013-1040 : Google Chrome Security Team CVE-2013-1041 : Google Chrome Security Team CVE-2013-1042 : Google Chrome Security Team CVE-2013-1043 : Google Chrome Security Team CVE-2013-1044 : Apple CVE-2013-1045 : Google Chrome Security Team CVE-2013-1046 : Google Chrome Security Team CVE-2013-1047 : miaubiz CVE-2013-2842 : Cyril Cattiaux CVE-2013-5125 : Google Chrome Security Team CVE-2013-5126 : Apple CVE-2013-5127 : Google Chrome Security Team CVE-2013-5128 : Apple
WebKit Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a malicious website may lead to information disclosure Description: An information disclosure issue existed in the handling of the window.webkitRequestAnimationFrame() API. A maliciously crafted website could use an iframe to determine if another site used window.webkitRequestAnimationFrame(). This issue was addressed through improved handling of window.webkitRequestAnimationFrame(). CVE-ID CVE-2013-5159
WebKit Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Copying and pasting a malicious HTML snippet may lead to a cross-site scripting attack Description: A cross-site scripting issue existed in the handling of copied and pasted data in HTML documents. This issue was addressed through additional validation of pasted content. CVE-ID CVE-2013-0926 : Aditya Gupta, Subho Halder, and Dev Kar of xys3c (xysec.com)
WebKit Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A cross-site scripting issue existed in the handling of iframes. This issue was addressed through improved origin tracking. CVE-ID CVE-2013-1012 : Subodh Iyengar and Erling Ellingsen of Facebook
WebKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to an information disclosure Description: An information disclosure issue existed in XSSAuditor. This issue was addressed through improved handling of URLs. CVE-ID CVE-2013-2848 : Egor Homakov
WebKit Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Dragging or pasting a selection may lead to a cross-site scripting attack Description: Dragging or pasting a selection from one site to another may allow scripts contained in the selection to be executed in the context of the new site. This issue is addressed through additional validation of content before a paste or a drag and drop operation. CVE-ID CVE-2013-5129 : Mario Heiderich
WebKit Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A cross-site scripting issue existed in the handling of URLs. This issue was addressed through improved origin tracking. CVE-ID CVE-2013-5131 : Erling A Ellingsen
Installation note:
This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/
iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
- Navigate to Settings
- Select General
- Select About. The version after applying this update will be "7.0".
Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org
iQIcBAEBAgAGBQJSOe4/AAoJEPefwLHPlZEwToUP/jUGETRBdUjwN/gMmQAtl6zN 0VUMbnsNH51Lhsr15p9EHYJUL97pajT0N1gdd8Q2l+2NHkQzQLJziXgsO6VFOX7e GoLNvlbyfoE0Ac9dSm9w7yi2lVf8bjGZKmEH0DAXzZD5s0ThiqPZCjTo8rCODMH2 TyQgkYtcXtrAHYaFe0dceWe3Q0ORu24cuFg0xeqX+7QvzK9mSeJWiN8OtimMzDni 5Dvgn7emHiuI6f3huQ25bEXK4gjN+CGwXg2RhQ7fwm9IeBdLnH1qKrFrrMHIhbrK ibvud5jLS0ltUH+XnfBkoCkBntOO11vYllti8oIGCgaa5NkVkEOKbHy9uh6riGHT KXYU/LfM8tt8Ax6iknn4mYC2QYbv7OIyzSfu/scWbeawsJb4OMx71oJrROTArgQG QthFQvFk7NSe5kQlNz+xQHI5LP/ZSHTKdwT69zPIzjWQBOdcZ+4GQvmMsbKIeZeY I2oIull2C7XYav8B0o+l4WlyEewNCOHQ8znapZnjCRKT/FF/ueG/WO0J4SEWUbQz Kf24sZtFtm51QekPS3vc1XHacqJLELD8ugtgYC3hh9vUqkLV3UxpLKvI8uoOPUDt SCV3qSpaxgBQtJWUZPq0MWVTDJKzX4MEB8e1p4jZAggEzfx9AdT0s7XyGm9H/UsR GowSVGG+cJtvrngVhy3E =dNVy -----END PGP SIGNATURE-----
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "5.1"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "6.0"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "6.1.2"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "5.1.1"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "5.0"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "6.1"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "6.0.1"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "6.0.2"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "6.1.3"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.3.2"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.2"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0.0"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2.2"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.0.2"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.3"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.3.3"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.3.5"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2.1"
},
{
"_id": null,
"model": "iphone os",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "6.1.4"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0.1"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.0.1"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.4"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.5"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2.1.1"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.1"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.0"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.2"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.2.1"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2.0.0"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.1.3"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.2.1"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2.2.1"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2.0.1"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.1"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.0"
},
{
"_id": null,
"model": "chrome",
"scope": "lte",
"trust": 1.0,
"vendor": "google",
"version": "19.0.1084.45"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.2.5"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2.0.2"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.1"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.2.2"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.1"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.3.0"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.3.1"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2.0"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.2.8"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0.2"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "5.0.1"
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.1.2"
},
{
"_id": null,
"model": "apple tv",
"scope": null,
"trust": 0.8,
"vendor": "\u30a2\u30c3\u30d7\u30eb",
"version": null
},
{
"_id": null,
"model": "jp1/it desktop management 2 - manager",
"scope": null,
"trust": 0.8,
"vendor": "\u65e5\u7acb",
"version": null
},
{
"_id": null,
"model": "itunes",
"scope": null,
"trust": 0.8,
"vendor": "\u30a2\u30c3\u30d7\u30eb",
"version": null
},
{
"_id": null,
"model": "job management partner 1/it desktop management - manager",
"scope": null,
"trust": 0.8,
"vendor": "\u65e5\u7acb",
"version": null
},
{
"_id": null,
"model": "jp1/it desktop management - manager",
"scope": null,
"trust": 0.8,
"vendor": "\u65e5\u7acb",
"version": null
},
{
"_id": null,
"model": "jp1/it desktop management 2 - operations director",
"scope": null,
"trust": 0.8,
"vendor": "\u65e5\u7acb",
"version": null
},
{
"_id": null,
"model": "job management partner 1/it desktop management 2 - manager",
"scope": null,
"trust": 0.8,
"vendor": "\u65e5\u7acb",
"version": null
},
{
"_id": null,
"model": "ios",
"scope": null,
"trust": 0.8,
"vendor": "\u30a2\u30c3\u30d7\u30eb",
"version": null
},
{
"_id": null,
"model": "chrome",
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "6.1.4"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.100"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"_id": null,
"model": "aura communication manager sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "16.0.912.75"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "17.0.963.60"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.10"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"_id": null,
"model": "meeting exchange sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.4"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.127"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.3"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "17.0.96379"
},
{
"_id": null,
"model": "aura system platform sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.2"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.6.3"
},
{
"_id": null,
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"_id": null,
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.2"
},
{
"_id": null,
"model": "meeting exchange sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.5"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.5"
},
{
"_id": null,
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "15.0.874.120"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.77"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.0.3"
},
{
"_id": null,
"model": "one-x client enablement service",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "17.0.96365"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.4"
},
{
"_id": null,
"model": "esx",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.5"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "15.0.874.121"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "16.0.912.77"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13.0.782.112"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13.0.782.215"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.0.2"
},
{
"_id": null,
"model": "freeflow print server 73.c0.41",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.4"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "14.0.835.202"
},
{
"_id": null,
"model": "meeting exchange sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.57"
},
{
"_id": null,
"model": "conferencing standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "18.0.1025.168"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"_id": null,
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.5"
},
{
"_id": null,
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "linux enterprise server sp3 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.4"
},
{
"_id": null,
"model": "voice portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "safari for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "6.0"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2011"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.5"
},
{
"_id": null,
"model": "meeting exchange sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.4"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0"
},
{
"_id": null,
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.5"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.5"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "16.0.91275"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "chrome",
"scope": "ne",
"trust": 0.3,
"vendor": "google",
"version": "19"
},
{
"_id": null,
"model": "freeflow print server 73.b3.61",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"_id": null,
"model": "conferencing standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"_id": null,
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "aura communication manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13.0.782.107"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "14"
},
{
"_id": null,
"model": "meeting exchange sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.7"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.68"
},
{
"_id": null,
"model": "ios for developer",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.0.1"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.0"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "18.0.1025.151"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.3"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.4"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "aura system manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"_id": null,
"model": "esx",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.0"
},
{
"_id": null,
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "14.0.835.186"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"_id": null,
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "16.0.912.63"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "12.1"
},
{
"_id": null,
"model": "tv",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "6.0"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.6"
},
{
"_id": null,
"model": "enterprise linux hpc node optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"_id": null,
"model": "freeflow print server 73.c5.11",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"_id": null,
"model": "voice portal sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.8.3"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1.1"
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.1"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.1"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.3"
},
{
"_id": null,
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.9.3"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13"
},
{
"_id": null,
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.2.1"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.204"
},
{
"_id": null,
"model": "esx",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.1"
},
{
"_id": null,
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1x8664"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.128"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.2"
},
{
"_id": null,
"model": "ios beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "64"
},
{
"_id": null,
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.6"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"_id": null,
"model": "enterprise linux workstation optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.65"
},
{
"_id": null,
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.7"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "9"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.1.3"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.112"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"_id": null,
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5"
},
{
"_id": null,
"model": "aura application server sip core pb26",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2011"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "16"
},
{
"_id": null,
"model": "linux lts lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura presence services sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "aura presence services sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11.1"
},
{
"_id": null,
"model": "linux enterprise server sp4 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11.1.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12"
},
{
"_id": null,
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"_id": null,
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "7"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"_id": null,
"model": "itunes",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "11.1.4"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"_id": null,
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "15.0.874102"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.133"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "iron",
"scope": "eq",
"trust": 0.3,
"vendor": "srware",
"version": "15.0.900.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "17.0.963.46"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.5"
},
{
"_id": null,
"model": "iron",
"scope": "eq",
"trust": 0.3,
"vendor": "srware",
"version": "18.0.1050.0"
},
{
"_id": null,
"model": "conferencing standard edition sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "17.0.963.83"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.10"
},
{
"_id": null,
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.4.0.80"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.43"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.5"
},
{
"_id": null,
"model": "enterprise linux server optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "safari",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "6.0"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "itunes",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "11.1.2"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.6"
},
{
"_id": null,
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53003.0"
},
{
"_id": null,
"model": "aura application server sip core pb25",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0"
},
{
"_id": null,
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.1"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"_id": null,
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "18.0.1025.142"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "aura system platform sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"_id": null,
"model": "aura conferencing",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.71"
},
{
"_id": null,
"model": "itunes",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "10.7"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "aura system platform sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux optional productivity application server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"_id": null,
"model": "enterprise linux desktop optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.91"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "17.0.963.78"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "17.0.963.56"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.3"
},
{
"_id": null,
"model": "iron",
"scope": "ne",
"trust": 0.3,
"vendor": "srware",
"version": "19.0.1100.0"
},
{
"_id": null,
"model": "aura application server sip core pb16",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"_id": null,
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "6"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.672.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "14.0.835.163"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10"
},
{
"_id": null,
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11"
},
{
"_id": null,
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.3"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "iron",
"scope": "eq",
"trust": 0.3,
"vendor": "srware",
"version": "15"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.6.1.7"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.1"
},
{
"_id": null,
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.205"
},
{
"_id": null,
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.1"
},
{
"_id": null,
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
}
],
"sources": [
{
"db": "BID",
"id": "53540"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-257"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002426"
},
{
"db": "NVD",
"id": "CVE-2011-3102"
}
]
},
"credits": {
"_id": null,
"data": "Aki Helin of OUSPG, Brett Wilson and Charlie Reis of the Chromium development community, \u0026amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;ldquo;psaldorn\u0026amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp",
"sources": [
{
"db": "BID",
"id": "53540"
}
],
"trust": 0.3
},
"cve": "CVE-2011-3102",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2011-3102",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-51047",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-3102",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2011-3102",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201205-257",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-51047",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2011-3102",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-51047"
},
{
"db": "VULMON",
"id": "CVE-2011-3102"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-257"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002426"
},
{
"db": "NVD",
"id": "CVE-2011-3102"
}
]
},
"description": {
"_id": null,
"data": "Off-by-one error in libxml2, as used in Google Chrome before 19.0.1084.46 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors. Google Chrome is prone to multiple vulnerabilities. \nAttackers can exploit these issues to execute arbitrary code in the context of the browser, bypass security restrictions or cause denial-of-service conditions; other attacks may also be possible. \nVersions prior to Chrome 19 are vulnerable. \n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 2.7.8.dfsg-2+squeeze4. \n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 2.7.8.dfsg-9.1. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. An\nattacker with a privileged network position may inject arbitrary\ncontents. This issue was addressed by using an encrypted HTTPS\nconnection to retrieve tutorials. \n \n A denial of service flaw was found in the way libxml2 performed string\n substitutions when entity values for entity references replacement\n was enabled. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Moderate: libxml2 security update\nAdvisory ID: RHSA-2012:1288-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2012-1288.html\nIssue date: 2012-09-18\nCVE Names: CVE-2011-3102 CVE-2012-2807 \n=====================================================================\n\n1. Summary:\n\nUpdated libxml2 packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5 and 6. \n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRHEL Desktop Workstation (v. 5 client) - i386, x86_64\nRed Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64\nRed Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64\n\n3. Description:\n\nThe libxml2 library is a development toolbox providing the implementation\nof various XML standards. \n\nMultiple integer overflow flaws, leading to heap-based buffer overflows,\nwere found in the way libxml2 handled documents that enable entity\nexpansion. A remote attacker could provide a large, specially-crafted XML\nfile that, when opened in an application linked against libxml2, would\ncause the application to crash or, potentially, execute arbitrary code with\nthe privileges of the user running the application. (CVE-2012-2807)\n\nA one byte buffer overflow was found in the way libxml2 evaluated certain\nparts of XML Pointer Language (XPointer) expressions. A remote attacker\ncould provide a specially-crafted XML file that, when opened in an\napplication linked against libxml2, would cause the application to crash\nor, potentially, execute arbitrary code with the privileges of the user\nrunning the application. (CVE-2011-3102)\n\nAll users of libxml2 are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The desktop must\nbe restarted (log out, then log back in) for this update to take effect. \n\n4. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 5 client):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/libxml2-2.6.26-2.1.15.el5_8.5.src.rpm\n\ni386:\nlibxml2-2.6.26-2.1.15.el5_8.5.i386.rpm\nlibxml2-debuginfo-2.6.26-2.1.15.el5_8.5.i386.rpm\nlibxml2-python-2.6.26-2.1.15.el5_8.5.i386.rpm\n\nx86_64:\nlibxml2-2.6.26-2.1.15.el5_8.5.i386.rpm\nlibxml2-2.6.26-2.1.15.el5_8.5.x86_64.rpm\nlibxml2-debuginfo-2.6.26-2.1.15.el5_8.5.i386.rpm\nlibxml2-debuginfo-2.6.26-2.1.15.el5_8.5.x86_64.rpm\nlibxml2-python-2.6.26-2.1.15.el5_8.5.x86_64.rpm\n\nRHEL Desktop Workstation (v. 5 client):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/libxml2-2.6.26-2.1.15.el5_8.5.src.rpm\n\ni386:\nlibxml2-debuginfo-2.6.26-2.1.15.el5_8.5.i386.rpm\nlibxml2-devel-2.6.26-2.1.15.el5_8.5.i386.rpm\n\nx86_64:\nlibxml2-debuginfo-2.6.26-2.1.15.el5_8.5.i386.rpm\nlibxml2-debuginfo-2.6.26-2.1.15.el5_8.5.x86_64.rpm\nlibxml2-devel-2.6.26-2.1.15.el5_8.5.i386.rpm\nlibxml2-devel-2.6.26-2.1.15.el5_8.5.x86_64.rpm\n\nRed Hat Enterprise Linux (v. 5 server):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/libxml2-2.6.26-2.1.15.el5_8.5.src.rpm\n\ni386:\nlibxml2-2.6.26-2.1.15.el5_8.5.i386.rpm\nlibxml2-debuginfo-2.6.26-2.1.15.el5_8.5.i386.rpm\nlibxml2-devel-2.6.26-2.1.15.el5_8.5.i386.rpm\nlibxml2-python-2.6.26-2.1.15.el5_8.5.i386.rpm\n\nia64:\nlibxml2-2.6.26-2.1.15.el5_8.5.i386.rpm\nlibxml2-2.6.26-2.1.15.el5_8.5.ia64.rpm\nlibxml2-debuginfo-2.6.26-2.1.15.el5_8.5.i386.rpm\nlibxml2-debuginfo-2.6.26-2.1.15.el5_8.5.ia64.rpm\nlibxml2-devel-2.6.26-2.1.15.el5_8.5.ia64.rpm\nlibxml2-python-2.6.26-2.1.15.el5_8.5.ia64.rpm\n\nppc:\nlibxml2-2.6.26-2.1.15.el5_8.5.ppc.rpm\nlibxml2-2.6.26-2.1.15.el5_8.5.ppc64.rpm\nlibxml2-debuginfo-2.6.26-2.1.15.el5_8.5.ppc.rpm\nlibxml2-debuginfo-2.6.26-2.1.15.el5_8.5.ppc64.rpm\nlibxml2-devel-2.6.26-2.1.15.el5_8.5.ppc.rpm\nlibxml2-devel-2.6.26-2.1.15.el5_8.5.ppc64.rpm\nlibxml2-python-2.6.26-2.1.15.el5_8.5.ppc.rpm\n\ns390x:\nlibxml2-2.6.26-2.1.15.el5_8.5.s390.rpm\nlibxml2-2.6.26-2.1.15.el5_8.5.s390x.rpm\nlibxml2-debuginfo-2.6.26-2.1.15.el5_8.5.s390.rpm\nlibxml2-debuginfo-2.6.26-2.1.15.el5_8.5.s390x.rpm\nlibxml2-devel-2.6.26-2.1.15.el5_8.5.s390.rpm\nlibxml2-devel-2.6.26-2.1.15.el5_8.5.s390x.rpm\nlibxml2-python-2.6.26-2.1.15.el5_8.5.s390x.rpm\n\nx86_64:\nlibxml2-2.6.26-2.1.15.el5_8.5.i386.rpm\nlibxml2-2.6.26-2.1.15.el5_8.5.x86_64.rpm\nlibxml2-debuginfo-2.6.26-2.1.15.el5_8.5.i386.rpm\nlibxml2-debuginfo-2.6.26-2.1.15.el5_8.5.x86_64.rpm\nlibxml2-devel-2.6.26-2.1.15.el5_8.5.i386.rpm\nlibxml2-devel-2.6.26-2.1.15.el5_8.5.x86_64.rpm\nlibxml2-python-2.6.26-2.1.15.el5_8.5.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/libxml2-2.7.6-8.el6_3.3.src.rpm\n\ni386:\nlibxml2-2.7.6-8.el6_3.3.i686.rpm\nlibxml2-debuginfo-2.7.6-8.el6_3.3.i686.rpm\nlibxml2-python-2.7.6-8.el6_3.3.i686.rpm\n\nx86_64:\nlibxml2-2.7.6-8.el6_3.3.i686.rpm\nlibxml2-2.7.6-8.el6_3.3.x86_64.rpm\nlibxml2-debuginfo-2.7.6-8.el6_3.3.i686.rpm\nlibxml2-debuginfo-2.7.6-8.el6_3.3.x86_64.rpm\nlibxml2-python-2.7.6-8.el6_3.3.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/libxml2-2.7.6-8.el6_3.3.src.rpm\n\ni386:\nlibxml2-debuginfo-2.7.6-8.el6_3.3.i686.rpm\nlibxml2-devel-2.7.6-8.el6_3.3.i686.rpm\nlibxml2-static-2.7.6-8.el6_3.3.i686.rpm\n\nx86_64:\nlibxml2-debuginfo-2.7.6-8.el6_3.3.i686.rpm\nlibxml2-debuginfo-2.7.6-8.el6_3.3.x86_64.rpm\nlibxml2-devel-2.7.6-8.el6_3.3.i686.rpm\nlibxml2-devel-2.7.6-8.el6_3.3.x86_64.rpm\nlibxml2-static-2.7.6-8.el6_3.3.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/libxml2-2.7.6-8.el6_3.3.src.rpm\n\nx86_64:\nlibxml2-2.7.6-8.el6_3.3.i686.rpm\nlibxml2-2.7.6-8.el6_3.3.x86_64.rpm\nlibxml2-debuginfo-2.7.6-8.el6_3.3.i686.rpm\nlibxml2-debuginfo-2.7.6-8.el6_3.3.x86_64.rpm\nlibxml2-python-2.7.6-8.el6_3.3.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/libxml2-2.7.6-8.el6_3.3.src.rpm\n\nx86_64:\nlibxml2-debuginfo-2.7.6-8.el6_3.3.i686.rpm\nlibxml2-debuginfo-2.7.6-8.el6_3.3.x86_64.rpm\nlibxml2-devel-2.7.6-8.el6_3.3.i686.rpm\nlibxml2-devel-2.7.6-8.el6_3.3.x86_64.rpm\nlibxml2-static-2.7.6-8.el6_3.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/libxml2-2.7.6-8.el6_3.3.src.rpm\n\ni386:\nlibxml2-2.7.6-8.el6_3.3.i686.rpm\nlibxml2-debuginfo-2.7.6-8.el6_3.3.i686.rpm\nlibxml2-devel-2.7.6-8.el6_3.3.i686.rpm\nlibxml2-python-2.7.6-8.el6_3.3.i686.rpm\n\nppc64:\nlibxml2-2.7.6-8.el6_3.3.ppc.rpm\nlibxml2-2.7.6-8.el6_3.3.ppc64.rpm\nlibxml2-debuginfo-2.7.6-8.el6_3.3.ppc.rpm\nlibxml2-debuginfo-2.7.6-8.el6_3.3.ppc64.rpm\nlibxml2-devel-2.7.6-8.el6_3.3.ppc.rpm\nlibxml2-devel-2.7.6-8.el6_3.3.ppc64.rpm\nlibxml2-python-2.7.6-8.el6_3.3.ppc64.rpm\n\ns390x:\nlibxml2-2.7.6-8.el6_3.3.s390.rpm\nlibxml2-2.7.6-8.el6_3.3.s390x.rpm\nlibxml2-debuginfo-2.7.6-8.el6_3.3.s390.rpm\nlibxml2-debuginfo-2.7.6-8.el6_3.3.s390x.rpm\nlibxml2-devel-2.7.6-8.el6_3.3.s390.rpm\nlibxml2-devel-2.7.6-8.el6_3.3.s390x.rpm\nlibxml2-python-2.7.6-8.el6_3.3.s390x.rpm\n\nx86_64:\nlibxml2-2.7.6-8.el6_3.3.i686.rpm\nlibxml2-2.7.6-8.el6_3.3.x86_64.rpm\nlibxml2-debuginfo-2.7.6-8.el6_3.3.i686.rpm\nlibxml2-debuginfo-2.7.6-8.el6_3.3.x86_64.rpm\nlibxml2-devel-2.7.6-8.el6_3.3.i686.rpm\nlibxml2-devel-2.7.6-8.el6_3.3.x86_64.rpm\nlibxml2-python-2.7.6-8.el6_3.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/libxml2-2.7.6-8.el6_3.3.src.rpm\n\ni386:\nlibxml2-debuginfo-2.7.6-8.el6_3.3.i686.rpm\nlibxml2-static-2.7.6-8.el6_3.3.i686.rpm\n\nppc64:\nlibxml2-debuginfo-2.7.6-8.el6_3.3.ppc64.rpm\nlibxml2-static-2.7.6-8.el6_3.3.ppc64.rpm\n\ns390x:\nlibxml2-debuginfo-2.7.6-8.el6_3.3.s390x.rpm\nlibxml2-static-2.7.6-8.el6_3.3.s390x.rpm\n\nx86_64:\nlibxml2-debuginfo-2.7.6-8.el6_3.3.x86_64.rpm\nlibxml2-static-2.7.6-8.el6_3.3.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/libxml2-2.7.6-8.el6_3.3.src.rpm\n\ni386:\nlibxml2-2.7.6-8.el6_3.3.i686.rpm\nlibxml2-debuginfo-2.7.6-8.el6_3.3.i686.rpm\nlibxml2-devel-2.7.6-8.el6_3.3.i686.rpm\nlibxml2-python-2.7.6-8.el6_3.3.i686.rpm\n\nx86_64:\nlibxml2-2.7.6-8.el6_3.3.i686.rpm\nlibxml2-2.7.6-8.el6_3.3.x86_64.rpm\nlibxml2-debuginfo-2.7.6-8.el6_3.3.i686.rpm\nlibxml2-debuginfo-2.7.6-8.el6_3.3.x86_64.rpm\nlibxml2-devel-2.7.6-8.el6_3.3.i686.rpm\nlibxml2-devel-2.7.6-8.el6_3.3.x86_64.rpm\nlibxml2-python-2.7.6-8.el6_3.3.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/libxml2-2.7.6-8.el6_3.3.src.rpm\n\ni386:\nlibxml2-debuginfo-2.7.6-8.el6_3.3.i686.rpm\nlibxml2-static-2.7.6-8.el6_3.3.i686.rpm\n\nx86_64:\nlibxml2-debuginfo-2.7.6-8.el6_3.3.x86_64.rpm\nlibxml2-static-2.7.6-8.el6_3.3.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2011-3102.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-2807.html\nhttps://access.redhat.com/security/updates/classification/#moderate\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2012 Red Hat, Inc. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201207-02\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: libxml2: User-assisted execution of arbitrary code\n Date: July 09, 2012\n Bugs: #416209\n ID: 201207-02\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nA off-by-one error in libxml2 could result in execution of arbitrary\ncode or Denial of Service. \n\nBackground\n==========\n\nlibxml2 is the XML C parser and toolkit developed for the Gnome\nproject. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-libs/libxml2 \u003c 2.8.0_rc1 \u003e= 2.8.0_rc1\n\nDescription\n===========\n\nThe \"xmlXPtrEvalXPtrPart()\" function in xpointer.c contains an\noff-by-one error. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll libxml2 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/libxml2-2.8.0_rc1\"\n\nReferences\n==========\n\n[ 1 ] CVE-2011-3102\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3102\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201207-02.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. ============================================================================\nUbuntu Security Notice USN-1447-1\nMay 21, 2012\n\nlibxml2 vulnerability\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.04 LTS\n- Ubuntu 11.10\n- Ubuntu 11.04\n- Ubuntu 10.04 LTS\n- Ubuntu 8.04 LTS\n\nSummary:\n\nApplications using libxml2 could be made to crash or run programs as your\nlogin if they opened a specially crafted file. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 12.04 LTS:\n libxml2 2.7.8.dfsg-5.1ubuntu4.1\n\nUbuntu 11.10:\n libxml2 2.7.8.dfsg-4ubuntu0.3\n\nUbuntu 11.04:\n libxml2 2.7.8.dfsg-2ubuntu0.4\n\nUbuntu 10.04 LTS:\n libxml2 2.7.6.dfsg-1ubuntu1.5\n\nUbuntu 8.04 LTS:\n libxml2 2.6.31.dfsg-2ubuntu1.9\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2013-09-18-2 iOS 7\n\niOS 7 is now available and addresses the following:\n\nCertificate Trust Policy\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Root certificates have been updated\nDescription: Several certificates were added to or removed from the\nlist of system roots. \n\nCoreGraphics\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Viewing a maliciously crafted PDF file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A buffer overflow existed in the handling of JBIG2\nencoded data in PDF files. This issue was addressed through\nadditional bounds checking. \nCVE-ID\nCVE-2013-1025 : Felix Groebert of the Google Security Team\n\nCoreMedia\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Playing a maliciously crafted movie file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A buffer overflow existed in the handling of Sorenson\nencoded movie files. This issue was addressed through improved bounds\nchecking. \nCVE-ID\nCVE-2013-1019 : Tom Gallagher (Microsoft) \u0026 Paul Bates (Microsoft)\nworking with HP\u0027s Zero Day Initiative\n\nData Protection\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Apps could bypass passcode-attempt restrictions\nDescription: A privilege separation issue existed in Data\nProtection. An app within the third-party sandbox could repeatedly\nattempt to determine the user\u0027s passcode regardless of the user\u0027s\n\"Erase Data\" setting. This issue was addressed by requiring\nadditional entitlement checks. \nCVE-ID\nCVE-2013-0957 : Jin Han of the Institute for Infocomm Research\nworking with Qiang Yan and Su Mon Kywe of Singapore Management\nUniversity\n\nData Security\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: An attacker with a privileged network position may intercept\nuser credentials or other sensitive information\nDescription: TrustWave, a trusted root CA, has issued, and\nsubsequently revoked, a sub-CA certificate from one of its trusted\nanchors. This sub-CA facilitated the interception of communications\nsecured by Transport Layer Security (TLS). This update added the\ninvolved sub-CA certificate to OS X\u0027s list of untrusted certificates. \nCVE-ID\nCVE-2013-5134\n\ndyld\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: An attacker who has arbitrary code execution on a device may\nbe able to persist code execution across reboots\nDescription: Multiple buffer overflows existed in dyld\u0027s\nopenSharedCacheFile() function. These issues were addressed through\nimproved bounds checking. \nCVE-ID\nCVE-2013-3950 : Stefan Esser\n\nFile Systems\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: An attacker who can mount a non-HFS filesystem may be able\nto cause an unexpected system termination or arbitrary code execution\nwith kernel privileges\nDescription: A memory corruption issue existed in the handling of\nAppleDouble files. This issue was addressed by removing support for\nAppleDouble files. \nCVE-ID\nCVE-2013-3955 : Stefan Esser\n\nImageIO\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Viewing a maliciously crafted PDF file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A buffer overflow existed in the handling of JPEG2000\nencoded data in PDF files. This issue was addressed through\nadditional bounds checking. \nCVE-ID\nCVE-2013-1026 : Felix Groebert of the Google Security Team\n\nIOKit\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Background applications could inject user interface events\ninto the foreground app\nDescription: It was possible for background applications to inject\nuser interface events into the foreground application using the task\ncompletion or VoIP APIs. This issue was addressed by enforcing access\ncontrols on foreground and background processes that handle interface\nevents. \nCVE-ID\nCVE-2013-5137 : Mackenzie Straight at Mobile Labs\n\nIOKitUser\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: A malicious local application could cause an unexpected\nsystem termination\nDescription: A null pointer dereference existed in IOCatalogue. \nThe issue was addressed through additional type checking. \nCVE-ID\nCVE-2013-5138 : Will Estes\n\nIOSerialFamily\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Executing a malicious application may result in arbitrary\ncode execution within the kernel\nDescription: An out of bounds array access existed in the\nIOSerialFamily driver. This issue was addressed through additional\nbounds checking. \nCVE-ID\nCVE-2013-5139 : @dent1zt\n\nIPSec\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: An attacker may intercept data protected with IPSec Hybrid\nAuth\nDescription: The DNS name of an IPSec Hybrid Auth server was not\nbeing matched against the certificate, allowing an attacker with a\ncertificate for any server to impersonate any other. This issue was\naddressed by improved certificate checking. \nCVE-ID\nCVE-2013-1028 : Alexander Traud of www.traud.de\n\nKernel\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: A remote attacker can cause a device to unexpectedly restart\nDescription: Sending an invalid packet fragment to a device can\ncause a kernel assert to trigger, leading to a device restart. The\nissue was addressed through additional validation of packet\nfragments. \nCVE-ID\nCVE-2013-5140 : Joonas Kuorilehto of Codenomicon, an anonymous\nresearcher working with CERT-FI, Antti LevomAki and Lauri Virtanen\nof Vulnerability Analysis Group, Stonesoft\n\nKernel\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: A malicious local application could cause device hang\nDescription: An integer truncation vulnerability in the kernel\nsocket interface could be leveraged to force the CPU into an infinite\nloop. The issue was addressed by using a larger sized variable. \nCVE-ID\nCVE-2013-5141 : CESG\n\nKernel\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: An attacker on a local network can cause a denial of service\nDescription: An attacker on a local network can send specially\ncrafted IPv6 ICMP packets and cause high CPU load. The issue was\naddressed by rate limiting ICMP packets before verifying their\nchecksum. \nCVE-ID\nCVE-2011-2391 : Marc Heuse\n\nKernel\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Kernel stack memory may be disclosed to local users\nDescription: An information disclosure issue existed in the msgctl\nand segctl APIs. This issue was addressed by initializing data\nstructures returned from the kernel. \nCVE-ID\nCVE-2013-5142 : Kenzley Alphonse of Kenx Technology, Inc\n\nKernel\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Unprivileged processes could get access to the contents of\nkernel memory which could lead to privilege escalation\nDescription: An information disclosure issue existed in the\nmach_port_space_info API. This issue was addressed by initializing\nthe iin_collision field in structures returned from the kernel. \nCVE-ID\nCVE-2013-3953 : Stefan Esser\n\nKernel\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Unprivileged processes may be able to cause an unexpected\nsystem termination or arbitrary code execution in the kernel\nDescription: A memory corruption issue existed in the handling of\narguments to the posix_spawn API. This issue was addressed through\nadditional bounds checking. \nCVE-ID\nCVE-2013-3954 : Stefan Esser\n\nKext Management\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: An unauthorized process may modify the set of loaded kernel\nextensions\nDescription: An issue existed in kextd\u0027s handling of IPC messages\nfrom unauthenticated senders. This issue was addressed by adding\nadditional authorization checks. \nCVE-ID\nCVE-2013-5145 : \"Rainbow PRISM\"\n\nlibxml\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Viewing a maliciously crafted web page may lead to an\nunexpected application termination or arbitrary code execution\nDescription: Multiple memory corruption issues existed in libxml. \nThese issues were addressed by updating libxml to version 2.9.0. \nCVE-ID\nCVE-2011-3102 : Juri Aedla\nCVE-2012-0841\nCVE-2012-2807 : Juri Aedla\nCVE-2012-5134 : Google Chrome Security Team (Juri Aedla)\n\nlibxslt\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Viewing a maliciously crafted web page may lead to an\nunexpected application termination or arbitrary code execution\nDescription: Multiple memory corruption issues existed in libxslt. \nThese issues were addressed by updating libxslt to version 1.1.28. \nCVE-ID\nCVE-2012-2825 : Nicolas Gregoire\nCVE-2012-2870 : Nicolas Gregoire\nCVE-2012-2871 : Kai Lu of Fortinet\u0027s FortiGuard Labs, Nicolas\nGregoire\n\nPasscode Lock\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: A person with physical access to the device may be able to\nbypass the screen lock\nDescription: A race condition issue existed in the handling of phone\ncalls and SIM card ejection at the lock screen. This issue was\naddressed through improved lock state management. \nCVE-ID\nCVE-2013-5147 : videosdebarraquito\n\nPersonal Hotspot\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: An attacker may be able to join a Personal Hotspot network\nDescription: An issue existed in the generation of Personal Hotspot\npasswords, resulting in passwords that could be predicted by an\nattacker to join a user\u0027s Personal Hotspot. The issue was addressed\nby generating passwords with higher entropy. \nCVE-ID\nCVE-2013-4616 : Andreas Kurtz of NESO Security Labs and Daniel Metz\nof University Erlangen-Nuremberg\n\nPush Notifications\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: The push notification token may be disclosed to an app\ncontrary to the user\u0027s decision\nDescription: An information disclosure issue existed in push\nnotification registration. Apps requesting access to the push\nnotification access received the token before the user approved the\napp\u0027s use of push notifications. This issue was addressed by\nwithholding access to the token until the user has approved access. \nCVE-ID\nCVE-2013-5149 : Jack Flintermann of Grouper, Inc. \n\nSafari\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Visiting a maliciously crafted website may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A memory corruption issue existed in the handling of\nXML files. This issue was addressed through additional bounds\nchecking. \nCVE-ID\nCVE-2013-1036 : Kai Lu of Fortinet\u0027s FortiGuard Labs\n\nSafari\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: History of pages recently visited in an open tab may remain\nafter clearing of history\nDescription: Clearing Safari\u0027s history did not clear the\nback/forward history for open tabs. This issue was addressed by\nclearing the back/forward history. \nCVE-ID\nCVE-2013-5150\n\nSafari\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Viewing files on a website may lead to script execution even\nwhen the server sends a \u0027Content-Type: text/plain\u0027 header\nDescription: Mobile Safari sometimes treated files as HTML files\neven when the server sent a \u0027Content-Type: text/plain\u0027 header. This\nmay lead to cross-site scripting on sites that allow users to upload\nfiles. This issue was addressed through improved handling of files\nwhen \u0027Content-Type: text/plain\u0027 is set. \nCVE-ID\nCVE-2013-5151 : Ben Toews of Github\n\nSafari\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Visiting a malicious website may allow an arbitrary URL to\nbe displayed\nDescription: A URL bar spoofing issue existed in Mobile Safari. This\nissue was addressed through improved URL tracking. \nCVE-ID\nCVE-2013-5152 : Keita Haga of keitahaga.com, Lukasz Pilorz of RBS\n\nSandbox\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Applications that are scripts were not sandboxed\nDescription: Third-party applications which used the #! syntax to\nrun a script were sandboxed based on the identity of the script\ninterpreter, not the script. The interpreter may not have a sandbox\ndefined, leading to the application being run unsandboxed. This issue\nwas addressed by creating the sandbox based on the identity of the\nscript. \nCVE-ID\nCVE-2013-5154 : evad3rs\n\nSandbox\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Applications can cause a system hang\nDescription: Malicious third-party applications that wrote specific\nvalues to the /dev/random device could force the CPU to enter an\ninfinite loop. This issue was addressed by preventing third-party\napplications from writing to /dev/random. \nCVE-ID\nCVE-2013-5155 : CESG\n\nSocial\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Users recent Twitter activity could be disclosed on devices\nwith no passcode. \nDescription: An issue existed where it was possible to determine\nwhat Twitter accounts a user had recently interacted with. This issue\nwas resolved by restricting access to the Twitter icon cache. \nCVE-ID\nCVE-2013-5158 : Jonathan Zdziarski\n\nSpringboard\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: A person with physical access to a device in Lost Mode may\nbe able to view notifications\nDescription: An issue existed in the handling of notifications when\na device is in Lost Mode. This update addresses the issue with\nimproved lock state management. \nCVE-ID\nCVE-2013-5153 : Daniel Stangroom\n\nTelephony\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Malicious apps could interfere with or control telephony\nfunctionality\nDescription: An access control issue existed in the telephony\nsubsystem. Bypassing supported APIs, sandboxed apps could make\nrequests directly to a system daemon interfering with or controlling\ntelephony functionality. This issue was addressed by enforcing access\ncontrols on interfaces exposed by the telephony daemon. \nCVE-ID\nCVE-2013-5156 : Jin Han of the Institute for Infocomm Research\nworking with Qiang Yan and Su Mon Kywe of Singapore Management\nUniversity; Tielei Wang, Kangjie Lu, Long Lu, Simon Chung, and Wenke\nLee from the Georgia Institute of Technology\n\nTwitter\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Sandboxed apps could send tweets without user interaction or\npermission\nDescription: An access control issue existed in the Twitter\nsubsystem. Bypassing supported APIs, sandboxed apps could make\nrequests directly to a system daemon interfering with or controlling\nTwitter functionality. This issue was addressed by enforcing access\ncontrols on interfaces exposed by the Twitter daemon. \nCVE-ID\nCVE-2013-5157 : Jin Han of the Institute for Infocomm Research\nworking with Qiang Yan and Su Mon Kywe of Singapore Management\nUniversity; Tielei Wang, Kangjie Lu, Long Lu, Simon Chung, and Wenke\nLee from the Georgia Institute of Technology\n\nWebKit\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Visiting a maliciously crafted website may lead to an\nunexpected application termination or arbitrary code execution\nDescription: Multiple memory corruption issues existed in WebKit. \nThese issues were addressed through improved memory handling. \nCVE-ID\nCVE-2013-0879 : Atte Kettunen of OUSPG\nCVE-2013-0991 : Jay Civelli of the Chromium development community\nCVE-2013-0992 : Google Chrome Security Team (Martin Barbella)\nCVE-2013-0993 : Google Chrome Security Team (Inferno)\nCVE-2013-0994 : David German of Google\nCVE-2013-0995 : Google Chrome Security Team (Inferno)\nCVE-2013-0996 : Google Chrome Security Team (Inferno)\nCVE-2013-0997 : Vitaliy Toropov working with HP\u0027s Zero Day Initiative\nCVE-2013-0998 : pa_kt working with HP\u0027s Zero Day Initiative\nCVE-2013-0999 : pa_kt working with HP\u0027s Zero Day Initiative\nCVE-2013-1000 : Fermin J. Serna of the Google Security Team\nCVE-2013-1001 : Ryan Humenick\nCVE-2013-1002 : Sergey Glazunov\nCVE-2013-1003 : Google Chrome Security Team (Inferno)\nCVE-2013-1004 : Google Chrome Security Team (Martin Barbella)\nCVE-2013-1005 : Google Chrome Security Team (Martin Barbella)\nCVE-2013-1006 : Google Chrome Security Team (Martin Barbella)\nCVE-2013-1007 : Google Chrome Security Team (Inferno)\nCVE-2013-1008 : Sergey Glazunov\nCVE-2013-1010 : miaubiz\nCVE-2013-1037 : Google Chrome Security Team\nCVE-2013-1038 : Google Chrome Security Team\nCVE-2013-1039 : own-hero Research working with iDefense VCP\nCVE-2013-1040 : Google Chrome Security Team\nCVE-2013-1041 : Google Chrome Security Team\nCVE-2013-1042 : Google Chrome Security Team\nCVE-2013-1043 : Google Chrome Security Team\nCVE-2013-1044 : Apple\nCVE-2013-1045 : Google Chrome Security Team\nCVE-2013-1046 : Google Chrome Security Team\nCVE-2013-1047 : miaubiz\nCVE-2013-2842 : Cyril Cattiaux\nCVE-2013-5125 : Google Chrome Security Team\nCVE-2013-5126 : Apple\nCVE-2013-5127 : Google Chrome Security Team\nCVE-2013-5128 : Apple\n\nWebKit\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Visiting a malicious website may lead to information\ndisclosure\nDescription: An information disclosure issue existed in the handling\nof the window.webkitRequestAnimationFrame() API. A maliciously\ncrafted website could use an iframe to determine if another site used\nwindow.webkitRequestAnimationFrame(). This issue was addressed\nthrough improved handling of window.webkitRequestAnimationFrame(). \nCVE-ID\nCVE-2013-5159\n\nWebKit\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Copying and pasting a malicious HTML snippet may lead to a\ncross-site scripting attack\nDescription: A cross-site scripting issue existed in the handling of\ncopied and pasted data in HTML documents. This issue was addressed\nthrough additional validation of pasted content. \nCVE-ID\nCVE-2013-0926 : Aditya Gupta, Subho Halder, and Dev Kar of xys3c\n(xysec.com)\n\nWebKit\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription: A cross-site scripting issue existed in the handling of\niframes. This issue was addressed through improved origin tracking. \nCVE-ID\nCVE-2013-1012 : Subodh Iyengar and Erling Ellingsen of Facebook\n\nWebKit\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: Visiting a maliciously crafted website may lead to an\ninformation disclosure\nDescription: An information disclosure issue existed in XSSAuditor. \nThis issue was addressed through improved handling of URLs. \nCVE-ID\nCVE-2013-2848 : Egor Homakov\n\nWebKit\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Dragging or pasting a selection may lead to a cross-site\nscripting attack\nDescription: Dragging or pasting a selection from one site to\nanother may allow scripts contained in the selection to be executed\nin the context of the new site. This issue is addressed through\nadditional validation of content before a paste or a drag and drop\noperation. \nCVE-ID\nCVE-2013-5129 : Mario Heiderich\n\nWebKit\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription: A cross-site scripting issue existed in the handling of\nURLs. This issue was addressed through improved origin tracking. \nCVE-ID\nCVE-2013-5131 : Erling A Ellingsen\n\n\nInstallation note:\n\nThis update is available through iTunes and Software Update on your\niOS device, and will not appear in your computer\u0027s Software Update\napplication, or in the Apple Downloads site. Make sure you have an\nInternet connection and have installed the latest version of iTunes\nfrom www.apple.com/itunes/\n\niTunes and Software Update on the device will automatically check\nApple\u0027s update server on its weekly schedule. When an update is\ndetected, it is downloaded and the option to be installed is\npresented to the user when the iOS device is docked. We recommend\napplying the update immediately if possible. Selecting Don\u0027t Install\nwill present the option the next time you connect your iOS device. \n\nThe automatic update process may take up to a week depending on the\nday that iTunes or the device checks for updates. You may manually\nobtain the update via the Check for Updates button within iTunes, or\nthe Software Update on your device. \n\nTo check that the iPhone, iPod touch, or iPad has been updated:\n\n* Navigate to Settings\n* Select General\n* Select About. The version after applying this update\nwill be \"7.0\". \n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.17 (Darwin)\nComment: GPGTools - http://gpgtools.org\n\niQIcBAEBAgAGBQJSOe4/AAoJEPefwLHPlZEwToUP/jUGETRBdUjwN/gMmQAtl6zN\n0VUMbnsNH51Lhsr15p9EHYJUL97pajT0N1gdd8Q2l+2NHkQzQLJziXgsO6VFOX7e\nGoLNvlbyfoE0Ac9dSm9w7yi2lVf8bjGZKmEH0DAXzZD5s0ThiqPZCjTo8rCODMH2\nTyQgkYtcXtrAHYaFe0dceWe3Q0ORu24cuFg0xeqX+7QvzK9mSeJWiN8OtimMzDni\n5Dvgn7emHiuI6f3huQ25bEXK4gjN+CGwXg2RhQ7fwm9IeBdLnH1qKrFrrMHIhbrK\nibvud5jLS0ltUH+XnfBkoCkBntOO11vYllti8oIGCgaa5NkVkEOKbHy9uh6riGHT\nKXYU/LfM8tt8Ax6iknn4mYC2QYbv7OIyzSfu/scWbeawsJb4OMx71oJrROTArgQG\nQthFQvFk7NSe5kQlNz+xQHI5LP/ZSHTKdwT69zPIzjWQBOdcZ+4GQvmMsbKIeZeY\nI2oIull2C7XYav8B0o+l4WlyEewNCOHQ8znapZnjCRKT/FF/ueG/WO0J4SEWUbQz\nKf24sZtFtm51QekPS3vc1XHacqJLELD8ugtgYC3hh9vUqkLV3UxpLKvI8uoOPUDt\nSCV3qSpaxgBQtJWUZPq0MWVTDJKzX4MEB8e1p4jZAggEzfx9AdT0s7XyGm9H/UsR\nGowSVGG+cJtvrngVhy3E\n=dNVy\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-3102"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002426"
},
{
"db": "BID",
"id": "53540"
},
{
"db": "VULHUB",
"id": "VHN-51047"
},
{
"db": "VULMON",
"id": "CVE-2011-3102"
},
{
"db": "PACKETSTORM",
"id": "112989"
},
{
"db": "PACKETSTORM",
"id": "124932"
},
{
"db": "PACKETSTORM",
"id": "121130"
},
{
"db": "PACKETSTORM",
"id": "116647"
},
{
"db": "PACKETSTORM",
"id": "114580"
},
{
"db": "PACKETSTORM",
"id": "112910"
},
{
"db": "PACKETSTORM",
"id": "123307"
},
{
"db": "PACKETSTORM",
"id": "123339"
}
],
"trust": 2.79
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2011-3102",
"trust": 4.5
},
{
"db": "BID",
"id": "53540",
"trust": 1.5
},
{
"db": "SECUNIA",
"id": "49243",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "54886",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "50658",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "55568",
"trust": 1.2
},
{
"db": "SECTRACK",
"id": "1027067",
"trust": 1.1
},
{
"db": "JVN",
"id": "JVNVU95174988",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU94321146",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU98681940",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002426",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201205-257",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "19635",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "112910",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "112989",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "116647",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "114580",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "124932",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "114014",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-51047",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2011-3102",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "121130",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123307",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123339",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-51047"
},
{
"db": "VULMON",
"id": "CVE-2011-3102"
},
{
"db": "BID",
"id": "53540"
},
{
"db": "PACKETSTORM",
"id": "112989"
},
{
"db": "PACKETSTORM",
"id": "124932"
},
{
"db": "PACKETSTORM",
"id": "121130"
},
{
"db": "PACKETSTORM",
"id": "116647"
},
{
"db": "PACKETSTORM",
"id": "114580"
},
{
"db": "PACKETSTORM",
"id": "112910"
},
{
"db": "PACKETSTORM",
"id": "123307"
},
{
"db": "PACKETSTORM",
"id": "123339"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-257"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002426"
},
{
"db": "NVD",
"id": "CVE-2011-3102"
}
]
},
"id": "VAR-201205-0195",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-51047"
}
],
"trust": 0.01
},
"last_update_date": "2026-04-10T22:45:44.810000Z",
"patch": {
"_id": null,
"data": [
{
"title": "hitachi-sec-2025-122 Software product security information",
"trust": 0.8,
"url": "http://code.google.com/p/chromium/issues/detail?id=125462"
},
{
"title": "Red Hat: Moderate: libxml2 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20121288 - Security Advisory"
},
{
"title": "Ubuntu Security Notice: libxml2 vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-1447-1"
},
{
"title": "Debian CVElist Bug Report Logs: CVE-2011-3102",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=95f6eb00690ae8404917a41a2d6e121e"
},
{
"title": "Debian Security Advisories: DSA-2479-1 libxml2 -- off-by-one",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=316dc5145bb3d45f6fb1f8c911c8a33f"
},
{
"title": "Amazon Linux AMI: ALAS-2012-134",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2012-134"
},
{
"title": "VMware Security Advisories: VMware vSphere security updates for the authentication service and third party libraries",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=4b5e3f2420b6e62eeeabf7f83f5bb496"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2011-3102"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002426"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-189",
"trust": 1.1
},
{
"problemtype": "Numerical processing problems (CWE-189) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-51047"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002426"
},
{
"db": "NVD",
"id": "CVE-2011-3102"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.1,
"url": "http://googlechromereleases.blogspot.com/2012/05/stable-channel-update.html"
},
{
"trust": 1.8,
"url": "http://code.google.com/p/chromium/issues/detail?id=125462"
},
{
"trust": 1.5,
"url": "http://lists.apple.com/archives/security-announce/2013/sep/msg00006.html"
},
{
"trust": 1.5,
"url": "http://support.apple.com/kb/ht6001"
},
{
"trust": 1.5,
"url": "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_xrx13-003_v1.0.pdf"
},
{
"trust": 1.2,
"url": "http://lists.apple.com/archives/security-announce/2013/oct/msg00009.html"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/53540"
},
{
"trust": 1.2,
"url": "http://support.apple.com/kb/ht5934"
},
{
"trust": 1.2,
"url": "http://www.debian.org/security/2012/dsa-2479"
},
{
"trust": 1.2,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2012:098"
},
{
"trust": 1.2,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2013:056"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2013-0217.html"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id?1027067"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/49243"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/50658"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/54886"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/55568"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.html"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00017.html"
},
{
"trust": 1.2,
"url": "https://lists.opensuse.org/opensuse-updates/2012-06/msg00011.html"
},
{
"trust": 1.2,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75607"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3102"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu98681940/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu95174988/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu94321146/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3102"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/19635"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2807"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5134"
},
{
"trust": 0.3,
"url": "https://blogs.oracle.com/sunsecurity/entry/cve_2011_3102_numeric_errors"
},
{
"trust": 0.3,
"url": "http://support.apple.com/kb/ht5935"
},
{
"trust": 0.3,
"url": "http://www.google.com/chrome"
},
{
"trust": 0.3,
"url": "http://www.srware.net/forum/viewtopic.php?f=18\u0026t=3729"
},
{
"trust": 0.3,
"url": "http://www.xerox.com/download/security/security-bulletin/1683f-4d960e4b16bb2/cert_xrx13-004_v1.01.pdf"
},
{
"trust": 0.3,
"url": "http://prod.lists.apple.com/archives/security-announce/2012/sep/msg00001.html"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100167711"
},
{
"trust": 0.3,
"url": "http://www.vmware.com/security/advisories/vmsa-2013-0001.html"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0841"
},
{
"trust": 0.3,
"url": "http://support.apple.com/kb/ht1222"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2825"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2871"
},
{
"trust": 0.3,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2870"
},
{
"trust": 0.3,
"url": "http://gpgtools.org"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0997"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0996"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0879"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1000"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1001"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0992"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0995"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1003"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1005"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2391"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1002"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0993"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1004"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0991"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0999"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0994"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1007"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0998"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1006"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/189.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2012:1288"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/1447-1/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=26947"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1039"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1045"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1024"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5125"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1043"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1041"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1040"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1038"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5126"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1044"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1042"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1046"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1047"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5127"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2842"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1242"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5128"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1037"
},
{
"trust": 0.1,
"url": "http://www.apple.com/itunes/download/"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=912400"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0338"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0338"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2807"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/advisories/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3102"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5134"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-3102.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-2807.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2012-1288.html"
},
{
"trust": 0.1,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/knowledge/articles/11258"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3102"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201207-02.xml"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/libxml2/2.7.8.dfsg-4ubuntu0.3"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/libxml2/2.6.31.dfsg-2ubuntu1.9"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/libxml2/2.7.8.dfsg-2ubuntu0.4"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/libxml2/2.7.6.dfsg-1ubuntu1.5"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-1447-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/libxml2/2.7.8.dfsg-5.1ubuntu4.1"
},
{
"trust": 0.1,
"url": "https://www.apple.com/itunes/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0957"
},
{
"trust": 0.1,
"url": "https://www.traud.de"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0926"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1008"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-51047"
},
{
"db": "VULMON",
"id": "CVE-2011-3102"
},
{
"db": "BID",
"id": "53540"
},
{
"db": "PACKETSTORM",
"id": "112989"
},
{
"db": "PACKETSTORM",
"id": "124932"
},
{
"db": "PACKETSTORM",
"id": "121130"
},
{
"db": "PACKETSTORM",
"id": "116647"
},
{
"db": "PACKETSTORM",
"id": "114580"
},
{
"db": "PACKETSTORM",
"id": "112910"
},
{
"db": "PACKETSTORM",
"id": "123307"
},
{
"db": "PACKETSTORM",
"id": "123339"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-257"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002426"
},
{
"db": "NVD",
"id": "CVE-2011-3102"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULHUB",
"id": "VHN-51047",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2011-3102",
"ident": null
},
{
"db": "BID",
"id": "53540",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "112989",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "124932",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "121130",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "116647",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "114580",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "112910",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "123307",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "123339",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201205-257",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002426",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2011-3102",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2012-05-16T00:00:00",
"db": "VULHUB",
"id": "VHN-51047",
"ident": null
},
{
"date": "2012-05-16T00:00:00",
"db": "VULMON",
"id": "CVE-2011-3102",
"ident": null
},
{
"date": "2012-05-15T00:00:00",
"db": "BID",
"id": "53540",
"ident": null
},
{
"date": "2012-05-24T02:22:30",
"db": "PACKETSTORM",
"id": "112989",
"ident": null
},
{
"date": "2014-01-24T01:33:33",
"db": "PACKETSTORM",
"id": "124932",
"ident": null
},
{
"date": "2013-04-08T20:28:39",
"db": "PACKETSTORM",
"id": "121130",
"ident": null
},
{
"date": "2012-09-19T07:23:12",
"db": "PACKETSTORM",
"id": "116647",
"ident": null
},
{
"date": "2012-07-10T13:47:55",
"db": "PACKETSTORM",
"id": "114580",
"ident": null
},
{
"date": "2012-05-22T00:25:14",
"db": "PACKETSTORM",
"id": "112910",
"ident": null
},
{
"date": "2013-09-19T01:58:16",
"db": "PACKETSTORM",
"id": "123307",
"ident": null
},
{
"date": "2013-09-20T20:54:13",
"db": "PACKETSTORM",
"id": "123339",
"ident": null
},
{
"date": "2012-05-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201205-257",
"ident": null
},
{
"date": "2012-05-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-002426",
"ident": null
},
{
"date": "2012-05-16T00:55:03.683000",
"db": "NVD",
"id": "CVE-2011-3102",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2017-12-29T00:00:00",
"db": "VULHUB",
"id": "VHN-51047",
"ident": null
},
{
"date": "2017-12-29T00:00:00",
"db": "VULMON",
"id": "CVE-2011-3102",
"ident": null
},
{
"date": "2015-04-13T22:06:00",
"db": "BID",
"id": "53540",
"ident": null
},
{
"date": "2012-05-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201205-257",
"ident": null
},
{
"date": "2025-05-16T07:08:00",
"db": "JVNDB",
"id": "JVNDB-2012-002426",
"ident": null
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2011-3102",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "121130"
},
{
"db": "PACKETSTORM",
"id": "116647"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-257"
}
],
"trust": 0.8
},
"title": {
"_id": null,
"data": "Google\u00a0Chrome\u00a0 used in \u00a0libxml2\u00a0 Vulnerability to one-off errors in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-002426"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "digital error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201205-257"
}
],
"trust": 0.6
}
}
VAR-201406-0137
Vulnerability from variot - Updated: 2026-04-10 22:45The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly validate fragment lengths in DTLS ClientHello messages, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a long non-initial fragment. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of DTLS packets. The issue lies in the assumption that all fragments specify the same message size. An attacker could leverage this vulnerability to execute code in the context of the process using OpenSSL. The following are vulnerable: OpenSSL 0.9.8 prior to 0.9.8za OpenSSL 1.0.0 prior to 1.0.0m OpenSSL 1.0.1 prior to 1.0.1h. One of the patch backports for Ubuntu 10.04 LTS caused a regression for certain applications.
We apologize for the inconvenience. This issue only affected Ubuntu 12.04 LTS, Ubuntu 13.10, and Ubuntu 14.04 LTS. (CVE-2014-0195) Imre Rad discovered that OpenSSL incorrectly handled DTLS recursions. (CVE-2014-0224) Felix Gr=C3=B6bert and Ivan Fratri=C4=87 discovered that OpenSSL incorrectly handled anonymous ECDH ciphersuites. This issue only affected Ubuntu 12.04 LTS, Ubuntu 13.10, and Ubuntu 14.04 LTS. (CVE-2014-3470)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 10.04 LTS: libssl0.9.8 0.9.8k-7ubuntu8.21
After a standard system update you need to reboot your computer to make all the necessary changes.
HP IceWall SSO Dfw and MCRP
If possible, do not use SHOST setting which allows IceWall SSO Dfw or MCRP to use SSL/TLS for back-end web server connection.
HP IceWall SSO Dfw Certd
If possible, set LDAPSSL to 0 to make HP SSO IceWall Certd to not use SSL/TLS on any connection with LDAP server.
Note: The HP IceWall product is only available in Japan. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04378799
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04378799 Version: 1
HPSBMU03074 rev.1 - HP Insight Control server migration on Linux and Windows running OpenSSL, Remote Denial of Service (DoS), Code Execution, Unauthorized Access, Disclosure of Information
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2014-07-23 Last Updated: 2014-07-23
Potential Security Impact: Remote denial of service (DoS), code execution, unauthorized access, disclosure of information
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP Insight Control server migration running on Linux and Windows which could be exploited remotely resulting in denial of service (DoS), code execution, unauthorized access, or disclosure of information.
References:
CVE-2010-5298 Remote Denial of Service CVE-2014-0076 Unauthorized Disclosure of Information CVE-2014-0195 Remote Unauthorized Access CVE-2014-0198 Remote Denial of Service CVE-2014-0221 Remote Denial of Service (DoS) CVE-2014-0224 Remote Unauthorized Access or Disclosure of Information CVE-2014-3470 Remote Code Execution or Unauthorized Access SSRT101647
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP Insight Control server migration v7.2.2, v7.3, v7.3.1, and v7.3.2
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2010-5298 (AV:N/AC:H/Au:N/C:N/I:P/A:P) 4.0 CVE-2014-0076 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2014-0195 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2014-0198 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2014-0221 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2014-0224 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2014-3470 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following updates to v7.3.2 of HP Insight Control server migration to resolve these vulnerabilities by upgrading to version 7.3.3. Please note that version 7.3.3 of HP Insight Control server migration is included on the HP Insight Management 7.3 Update 2 DVD.
HP has provided the installation binaries for download from the following web site by using the Receive for free option:
http://h18013.www1.hp.com/products/servers/management/fpdownload.html
Customers using HP Insight Control server migration v7.2.2 must first upgrade from v7.2.2 to v7.3 by using the HP Insight Management v7.3 DVD, and then upgrade to v7.3.3 by using the HP Insight Management v7.3 Update 2 DVD.
Customers running HP Insight Control server migration v7.3, v7.3.1, or v7.3.2, can use the HP Insight Control server migration v7.3 Update 2 DVD to complete the upgrade.
For more information on the upgrade process, please refer to the HP Insight Management Installation and Upgrade Guide and Release notes, which are available at the following location:
http://h17007.www1.hp.com/us/en/enterprise/servers/solutions/info-library/ind ex.aspx?cat=insightmanagement
NOTE: The upgrade paths described above update the entire HP Insight Control software stack. To upgrade HP Insight Control server migration only, complete the following steps:
Copy "hpsmp.exe" to the local machine from the HP Insight Management v7.3.0 Update 2 DVD ISO. Create batch file with the following commands: @echo off hpsmp.exe /verysilent /SVCPATCH=Install_Through_Patch Copy the batch file to the folder where "hpsmp.exe" normally resides on the target system. Double click on the batch file. The HP Insight Control server migration installation starts in a command prompt. The command prompt closes when the installation finishes. After the installation completes it creates a log file (ICmigr.log) and an output file (ICmigroutput.xml) on the target system. Do not close or click on the command prompt while the process is completing. Do not run the command prompt in the background.
HISTORY Version:1 (rev.1) - 23 July 2014 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2014 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the CCS Injection vulnerability (CVE-2014-0224).
The updated packages have been upgraded to the 1.0.0m version where these security flaws has been fixed.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470 http://www.openssl.org/news/secadv_20140605.txt
Updated Packages:
Mandriva Business Server 1/X86_64: 857d06ddc6423ad124b23eb760459033 mbs1/x86_64/lib64openssl1.0.0-1.0.0m-1.mbs1.x86_64.rpm d7436f2f95df5c1d64d44a745f125bd8 mbs1/x86_64/lib64openssl-devel-1.0.0m-1.mbs1.x86_64.rpm 67f6cd6da42f01fb2f6054a2f96872af mbs1/x86_64/lib64openssl-engines1.0.0-1.0.0m-1.mbs1.x86_64.rpm 5d7c5712c1ce70a2dd2596e803bc7004 mbs1/x86_64/lib64openssl-static-devel-1.0.0m-1.mbs1.x86_64.rpm 9866e03e1c112b0c4cb5587b142cfa63 mbs1/x86_64/openssl-1.0.0m-1.mbs1.x86_64.rpm 9ac714afa9a9b30419f2f1f5c9ec4e48 mbs1/SRPMS/openssl-1.0.0m-1.mbs1.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
ESA-2014-079: EMC Documentum Content Server Multiple Vulnerabilities
EMC Identifier: ESA-2014-079
CVE Identifier: See below for individual CVEs
Severity Rating: CVSS v2 Base Score: See below for individual CVSS score for each CVE
Affected products:
\x95 All EMC Documentum Content Server versions of 7.1 prior to P07
\x95 All EMC Documentum Content Server versions of 7.0
\x95 All EMC Documentum Content Server versions of 6.7 SP2 prior to P16
\x95 All EMC Documentum Content Server versions of 6.7 SP1
\x95 All EMC Documentum Content Server versions prior to 6.7 SP1
Summary:
EMC Documentum Content Server contains fixes for multiple vulnerabilities which also include vulnerabilities disclosed by the OpenSSL project on June 5, 2014 in OpenSSL.
Details: EMC Documentum Content Server may be susceptible to the following vulnerabilities:
\x95 Arbitrary Code Execution (CVE-2014-4618): Authenticated non-privileged users can potentially execute Documentum methods with higher level privileges (up to and including superuser privileges) due to improper authorization checks being performed on user-created system objects. CVSS v2 Base Score: 8.2 (AV:N/AC:M/Au:S/C:C/I:C/A:P)
\x95 DQL Injection (CVE-2014-2520): Certain DQL hints in EMC Documentum Content Server may be potentially exploited by an authenticated non-privileged malicious user to conduct DQL injection attacks and read the database contents. CVSS v2 Base Score: 6.3 (AV:N/AC:M/Au:S/C:C/I:N/A:N)
\x95 Information Disclosure (CVE-2014-2521): Authenticated non-privileged users are allowed to retrieve meta-data of unauthorized system objects due to improper authorization checks being performed on certain RPC commands in Content Server. CVSS v2 Base Score: 6.3 (AV:N/AC:M/Au:S/C:C/I:N/A:N)
\x95 Multiple OpenSSL vulnerabilities (See individual CVEs below and refer to NVD for each of their scores): SSL/TLS Man-in-the-middle (MITM) vulnerability (CVE-2014-0224) DTLS recursion flaw (CVE-2014-0221) DTLS invalid fragment vulnerability (CVE-2014-0195) SSL_MODE_RELEASE_BUFFERS NULL pointer deference (CVE-2014-0198) SSL_MODE_RELEASE_BUFFERS session injection or denial of service (CVE-2010-5298) Anonymous ECDH denial of service (CVE-2014-3470) FLUSH + RELOAD cache side-channel attack (CVE-2014-0076) For more information about these vulnerabilities, please visit the original OpenSSL advisory https://www.openssl.org/news/secadv_20140605.txt
Resolution: The following versions contain the resolution for these issues: \x95 EMC Documentum Content Server version 7.1 P07 and later \x95 EMC Documentum Content Server version 7.0: Hotfixes are available for Windows & Linux. Contact EMC Support to obtain them. For Solaris and AIX, contact EMC Support to open Hotfix requests. \x95 EMC Documentum Content Server version 6.7 SP2 P16 and later \x95 EMC Documentum Content Server version 6.7 SP1: Hotfixes are available for Windows & Linux. Contact EMC Support to obtain them. For Solaris and AIX, contact EMC Support to open Hotfix requests.
EMC recommends all customers to upgrade to one of the above versions at the earliest opportunity.
Link to remedies: Registered EMC Online Support customers can download patches and software from support.emc.com at: https://support.emc.com/downloads/2732_Documentum-Server
For Hotfix, contact EMC Support.
Read and use the information in this EMC Security Advisory to assist in avoiding any situation that might arise from the problems described herein. If you have any questions regarding this product alert, contact EMC Software Technical Support at 1-877-534-2867.
For an explanation of Severity Ratings, refer to EMC Knowledgebase solution emc218831. EMC recommends all customers take into account both the base score and any relevant temporal and environmental scores which may impact the potential severity associated with particular security vulnerability.
EMC Corporation distributes EMC Security Advisories, in order to bring to the attention of users of the affected EMC products, important security information. EMC recommends that all users determine the applicability of this information to their individual situations and take appropriate action. EMC disclaims all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages, so the foregoing limitation may not apply.
Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/openssl-1.0.1h-i486-1_slack14.1.txz: Upgraded. +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated packages for Slackware 13.0: ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-0.9.8za-i486-1_slack13.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-solibs-0.9.8za-i486-1_slack13.0.txz
Updated packages for Slackware x86_64 13.0: ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-0.9.8za-x86_64-1_slack13.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-solibs-0.9.8za-x86_64-1_slack13.0.txz
Updated packages for Slackware 13.1: ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-0.9.8za-i486-1_slack13.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-solibs-0.9.8za-i486-1_slack13.1.txz
Updated packages for Slackware x86_64 13.1: ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-0.9.8za-x86_64-1_slack13.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-solibs-0.9.8za-x86_64-1_slack13.1.txz
Updated packages for Slackware 13.37: ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-0.9.8za-i486-1_slack13.37.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-solibs-0.9.8za-i486-1_slack13.37.txz
Updated packages for Slackware x86_64 13.37: ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-0.9.8za-x86_64-1_slack13.37.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-solibs-0.9.8za-x86_64-1_slack13.37.txz
Updated packages for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1h-i486-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1h-i486-1_slack14.0.txz
Updated packages for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1h-x86_64-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1h-x86_64-1_slack14.0.txz
Updated packages for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1h-i486-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1h-i486-1_slack14.1.txz
Updated packages for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1h-x86_64-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1h-x86_64-1_slack14.1.txz
Updated packages for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.1h-i486-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.1h-i486-1.txz
Updated packages for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.1h-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.1h-x86_64-1.txz
MD5 signatures: +-------------+
Slackware 13.0 packages: 634b8ecc8abc6d3f249b73d0fefa5959 openssl-0.9.8za-i486-1_slack13.0.txz a2529f1243d42a3608f61b96236b5f60 openssl-solibs-0.9.8za-i486-1_slack13.0.txz
Slackware x86_64 13.0 packages: 2ddac651c5f2531f3a7f70d9f5823bd6 openssl-0.9.8za-x86_64-1_slack13.0.txz d7ffeb15713a587f642fbb3d5c310c75 openssl-solibs-0.9.8za-x86_64-1_slack13.0.txz
Slackware 13.1 packages: 0b84a6a1edf76cba83d4c52c54196baa openssl-0.9.8za-i486-1_slack13.1.txz dfd5d241b0e1703ae9d70d6ccda06179 openssl-solibs-0.9.8za-i486-1_slack13.1.txz
Slackware x86_64 13.1 packages: bd749622577a5f76a59d90b95aa922fd openssl-0.9.8za-x86_64-1_slack13.1.txz 35cf911dd9f0cc13f7f0056d9e1f4520 openssl-solibs-0.9.8za-x86_64-1_slack13.1.txz
Slackware 13.37 packages: 8f674defac9002c81265d284b1072f75 openssl-0.9.8za-i486-1_slack13.37.txz 48ce79e7714cb0c823d2b6ea4a88ba51 openssl-solibs-0.9.8za-i486-1_slack13.37.txz
Slackware x86_64 13.37 packages: efa09162c22782c15806bca99472c5be openssl-0.9.8za-x86_64-1_slack13.37.txz 8e3b8d1e3d3a740bd274fbe38dc10f96 openssl-solibs-0.9.8za-x86_64-1_slack13.37.txz
Slackware 14.0 packages: 8e2698d19f54c7e0cac8f998df23b782 openssl-1.0.1h-i486-1_slack14.0.txz cf6233bc169cf6dd192bb7210f779fc1 openssl-solibs-1.0.1h-i486-1_slack14.0.txz
Slackware x86_64 14.0 packages: 2b4f0610d5e46fa7bb27a0b39f0d6d33 openssl-1.0.1h-x86_64-1_slack14.0.txz 18fdd83dcf86204275508a689a017dea openssl-solibs-1.0.1h-x86_64-1_slack14.0.txz
Slackware 14.1 packages: 49aea7da42eef41da894f29762971863 openssl-1.0.1h-i486-1_slack14.1.txz 6f19f4fdc3f018b4e821c519d7bb1e5c openssl-solibs-1.0.1h-i486-1_slack14.1.txz
Slackware x86_64 14.1 packages: ccf5ff2b107c665a4f3bf98176937749 openssl-1.0.1h-x86_64-1_slack14.1.txz ea1aaba38c98b096186ca94ca541a793 openssl-solibs-1.0.1h-x86_64-1_slack14.1.txz
Slackware -current packages: db1ed7ded71ab503f567940fff39eb16 a/openssl-solibs-1.0.1h-i486-1.txz 0db4f91f9b568b2b2629950e5ab88b22 n/openssl-1.0.1h-i486-1.txz
Slackware x86_64 -current packages: d01aef33335bee27f36574241f54091f a/openssl-solibs-1.0.1h-x86_64-1.txz 95a743d21c58f39573845d6ec5270656 n/openssl-1.0.1h-x86_64-1.txz
Installation instructions: +------------------------+
Upgrade the packages as root:
upgradepkg openssl-1.0.1h-i486-1_slack14.1.txz openssl-solibs-1.0.1h-i486-1_slack14.1.txz
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. These vulnerabilities include:
-
The SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "POODLE", which could be exploited remotely resulting in disclosure of information.
-
HP StoreVirtual VSA Software 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4130 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4130 600GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 FC 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 2TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 3TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 450GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4630 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 3TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 China Hybrid Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 Hybrid Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 4TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4130 600GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4130 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 FC 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 China Hybrid SAN Solution 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 China Hybrid Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 Hybrid SAN Solution 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 Hybrid Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 2TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 3TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 3TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 450GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 4TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 600GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4630 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 600GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
BACKGROUND
CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector
CVE-2010-5298
4.8 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
4.0 (AV:N/AC:H/Au:N/C:N/I:P/A:P)
CVE-2014-0076
4.0 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1.9 (AV:L/AC:M/Au:N/C:P/I:N/A:N)
CVE-2014-0195
7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVE-2014-0198
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVE-2014-0221
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVE-2014-0224
6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVE-2014-3470
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVE-2014-3566
3.1 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
CVE-2016-0705
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Information on CVSS is documented in
HPE Customer Notice HPSN-2008-002 here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499
RESOLUTION
HPE recommends applying the following software updates to resolve the vulnerabilities in the impacted versions of HPE StoreVirtual products running HPE LeftHand OS.
LeftHand OS v11.5 - Patches 45019-00 and 45020 LeftHand OS v12.0 - Patches 50016-00 and 50017-00 LeftHand OS v12.5 - Patch 55016-00 LeftHand OS v12.6 - Patch 56002-00
Notes:
These patches enable TLSv1.2 protocol and upgrades the OpenSSL RPM revision to OpenSSL v1.0.1e 48. These patches migrate Certificate Authority Hashing Algorithm from a weak hashing algorithm SHA1 to the stronger hashing algorithm SHA256. Summary
VMware product updates address OpenSSL security vulnerabilities. Problem Description
a. OpenSSL update for multiple products.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2014-0224, CVE-2014-0198,
CVE-2010-5298, CVE-2014-3470, CVE-2014-0221 and CVE-2014-0195 to
these issues. The most important of these issues is
CVE-2014-0224.
CVE-2014-0198, CVE-2010-5298 and CVE-2014-3470 are considered to
be of moderate severity. Exploitation is highly unlikely or is
mitigated due to the application configuration.
CVE-2014-0221 and CVE-2014-0195, which are listed in the OpenSSL
Security Advisory (see Reference section below), do not affect
any VMware products. Updating
the server will mitigate this issue for both the server and all
affected clients. For readability
the affected products have been split into 3 tables below,
based on the different client-server configurations and
deployment scenarios.
MITIGATIONS
Clients that communicate with a patched or non-vulnerable server
are not vulnerable to CVE-2014-0224. Applying these patches to
affected servers will mitigate the affected clients (See Table 1
below). can be mitigated by using a secure network such as
VPN (see Table 2 below).
Clients and servers that are deployed on an isolated network are
less exposed to CVE-2014-0224 (see Table 3 below). The affected
products are typically deployed to communicate over the
management network.
RECOMMENDATIONS
VMware recommends customers evaluate and deploy patches for
affected Servers in Table 1 below as these patches become
available. Patching these servers will remove the ability to
exploit the vulnerability described in CVE-2014-0224 on both
clients and servers. VMware recommends customers consider
applying patches to products listed in Table 2 & 3 as required.
Column 4 of the following tables lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============== ======= ======= =============
ESXi 5.5 ESXi ESXi550-
201406401-SG
Big Data Extensions 1.1 patch pending
Charge Back Manager 2.6 patch pending
Horizon Workspace Server
GATEWAY 1.8.1 patch pending
Horizon Workspace Server
GATEWAY 1.5 patch pending
Horizon Workspace Server
DATA 1.8.1 patch pending
Horizon Mirage Edge Gateway 4.4.2 patch pending
Horizon View 5.3.1 patch pending
Horizon View Feature Pack 5.3 SP2 patch pending
NSX for Multi-Hypervisor 4.1.2 patch pending
NSX for Multi-Hypervisor 4.0.3 patch pending
NSX for vSphere 6.0.4 patch pending
NVP 3.2.2 patch pending
vCAC 6.0.1 patch pending
vCloud Networking and Security 5.5.2 patch pending
vCloud Networking and Security 5.1.2 patch pending
vFabric Web Server 5.3.4 patch pending
vCHS - DPS-Data Protection 2.0 patch pending
Service
Table 2
========
Affected clients running a vulnerable version of OpenSSL 0.9.8
or 1.0.1 and communicating over an untrusted network.
VMware Product Running Replace with/
Product Version on Apply Patch
============== ======= ======= =============
vCSA 5.5 patch pending
vCSA 5.1 patch pending
vCSA 5.0 patch pending
ESXi 5.1 ESXi patch pending
ESXi 5.0 ESXi patch pending
Workstation 10.0.2 any patch pending
Workstation 9.0.3 any patch pending
Fusion 6.x OSX patch pending
Fusion 5.x OSX patch pending
Player 10.0.2 any patch pending
Player 9.0.3 any patch pending
Chargeback Manager 2.5.x patch pending
Horizon Workspace Client for 1.8.1 OSX patch pending
Mac
Horizon Workspace Client for 1.5 OSX patch pending
Mac
Horizon Workspace Client for 1.8.1 Windows patch pending
Windows
Horizon Workspace Client for 1.5 Windows patch pending
OVF Tool 3.5.1 patch pending
OVF Tool 3.0.1 patch pending
vCenter Operations Manager 5.8.1 patch pending
vCenter Support Assistant 5.5.0 patch pending
vCenter Support Assistant 5.5.1 patch pending
vCD 5.1.2 patch pending
vCD 5.1.3 patch pending
vCD 5.5.1.1 patch pending
vCenter Site Recovery Manager 5.0.3.1 patch pending
Table 3
=======
The following table lists all affected clients running a
vulnerable version of OpenSSL 0.9.8 or 1.0.1 and communicating
over an untrusted network.
VMware Product Running Replace with/
Product Version on Apply Patch
============== ======= ======= =============
vCenter Server 5.5 any patch pending
vCenter Server 5.1 any patch pending
vCenter Server 5.0 any patch pending
Update Manager 5.5 Windows patch pending
Update Manager 5.1 Windows patch pending
Update Manager 5.0 Windows patch pending
Config Manager (VCM) 5.6 patch pending
Horizon View Client 5.3.1 patch pending
Horizon View Client 4.x patch pending
Horizon Workspace 1.8.1 patch pending
Horizon Workspace 1.5 patch pending
ITBM Standard 1.0.1 patch pending
ITBM Standard 1.0 patch pending
Studio 2.6.0.0 patch pending
Usage Meter 3.3 patch pending
vCenter Chargeback Manager 2.6 patch pending
vCenter Converter Standalone 5.5 patch pending
vCenter Converter Standalone 5.1 patch pending
vCD (VCHS) 5.6.2 patch pending
vCenter Site Recovery Manager 5.5.1 patch pending
vCenter Site Recovery Manager 5.1.1 patch pending
vFabric Application Director 5.2.0 patch pending
vFabric Application Director 5.0.0 patch pending
View Client 5.3.1 patch pending
View Client 4.x patch pending
VIX API 5.5 patch pending
VIX API 1.12 patch pending
vMA (Management Assistant) 5.1.0.1 patch pending
VMware Data Recovery 2.0.3 patch pending
VMware vSphere CLI 5.5 patch pending
vSphere Replication 5.5.1 patch pending
vSphere Replication 5.6 patch pending
vSphere SDK for Perl 5.5 patch pending
vSphere Storage Appliance 5.5.1 patch pending
vSphere Storage Appliance 5.1.3 patch pending
vSphere Support Assistant 5.5.1 patch pending
vSphere Support Assistant 5.5.0 patch pending
vSphere Virtual Disk 5.5 patch pending
Development Kit
vSphere Virtual Disk 5.1 patch pending
Development Kit
vSphere Virtual Disk 5.0 patch pending
Development Kit
- Solution
ESXi 5.5
Download: https://www.vmware.com/patchmgr/download.portal
Release Notes and Remediation Instructions: http://kb.vmware.com/kb/2077359
- Change Log
2014-06-10 VMSA-2014-0006 Initial security advisory in conjunction with the release of ESXi 5.5 updates on 2014-06-10
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
security-announce at lists.vmware.com
bugtraq at securityfocus.com
fulldisclosure at seclists.org
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Advisories http://www.vmware.com/security/advisories
VMware Security Response Policy https://www.vmware.com/support/policies/security_response.html
VMware Lifecycle Support Phases https://www.vmware.com/support/policies/lifecycle.html
Twitter https://twitter.com/VMwareSRC
Copyright 2014 VMware Inc. All rights reserved. OpenSSL is a 3rd party product that is embedded with some HP Software products. The impacted products appear in the list below are vulnerable due to embedding of OpenSSL standard release software.
In addition this update disables ZLIB compress by default. If you need to re-enable it for some reason, you can set the environment variable OPENSSL_NO_DEFAULT_ZLIB.
This update also fixes a header declaration which could result in build failures in applications using OpenSSL. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: openssl security update Advisory ID: RHSA-2014:0679-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-0679.html Issue date: 2014-06-10 CVE Names: CVE-2010-5298 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 =====================================================================
- Summary:
Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 7.
The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
- Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.
It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server. (CVE-2014-0224)
Note: In order to exploit this flaw, both the server and the client must be using a vulnerable version of OpenSSL; the server must be using OpenSSL version 1.0.1 and above, and the client must be using any version of OpenSSL. For more information about this flaw, refer to: https://access.redhat.com/site/articles/904433
A buffer overflow flaw was found in the way OpenSSL handled invalid DTLS packet fragments. (CVE-2014-0195)
Multiple flaws were found in the way OpenSSL handled read and write buffers when the SSL_MODE_RELEASE_BUFFERS mode was enabled. A TLS/SSL client or server using OpenSSL could crash or unexpectedly drop connections when processing certain SSL traffic. (CVE-2010-5298, CVE-2014-0198)
A denial of service flaw was found in the way OpenSSL handled certain DTLS ServerHello requests. A specially crafted DTLS handshake packet could cause a DTLS client using OpenSSL to crash. (CVE-2014-0221)
A NULL pointer dereference flaw was found in the way OpenSSL performed anonymous Elliptic Curve Diffie Hellman (ECDH) key exchange. A specially crafted handshake packet could cause a TLS/SSL client that has the anonymous ECDH cipher suite enabled to crash. (CVE-2014-3470)
Red Hat would like to thank the OpenSSL project for reporting these issues. Upstream acknowledges KIKUCHI Masashi of Lepidum as the original reporter of CVE-2014-0224, Jüri Aedla as the original reporter of CVE-2014-0195, Imre Rad of Search-Lab as the original reporter of CVE-2014-0221, and Felix Gröbert and Ivan Fratrić of Google as the original reporters of CVE-2014-3470.
All OpenSSL users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1087195 - CVE-2010-5298 openssl: freelist misuse causing a possible use-after-free 1093837 - CVE-2014-0198 openssl: SSL_MODE_RELEASE_BUFFERS NULL pointer dereference in do_ssl3_write() 1103586 - CVE-2014-0224 openssl: SSL/TLS MITM vulnerability 1103593 - CVE-2014-0221 openssl: DoS when sending invalid DTLS handshake 1103598 - CVE-2014-0195 openssl: Buffer overflow via DTLS invalid fragment 1103600 - CVE-2014-3470 openssl: client-side denial of service when using anonymous ECDH
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source: openssl-1.0.1e-34.el7_0.3.src.rpm
x86_64: openssl-1.0.1e-34.el7_0.3.x86_64.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm openssl-libs-1.0.1e-34.el7_0.3.i686.rpm openssl-libs-1.0.1e-34.el7_0.3.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm openssl-devel-1.0.1e-34.el7_0.3.i686.rpm openssl-devel-1.0.1e-34.el7_0.3.x86_64.rpm openssl-perl-1.0.1e-34.el7_0.3.x86_64.rpm openssl-static-1.0.1e-34.el7_0.3.i686.rpm openssl-static-1.0.1e-34.el7_0.3.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: openssl-1.0.1e-34.el7_0.3.src.rpm
x86_64: openssl-1.0.1e-34.el7_0.3.x86_64.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm openssl-libs-1.0.1e-34.el7_0.3.i686.rpm openssl-libs-1.0.1e-34.el7_0.3.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm openssl-devel-1.0.1e-34.el7_0.3.i686.rpm openssl-devel-1.0.1e-34.el7_0.3.x86_64.rpm openssl-perl-1.0.1e-34.el7_0.3.x86_64.rpm openssl-static-1.0.1e-34.el7_0.3.i686.rpm openssl-static-1.0.1e-34.el7_0.3.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: openssl-1.0.1e-34.el7_0.3.src.rpm
ppc64: openssl-1.0.1e-34.el7_0.3.ppc64.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.ppc.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.ppc64.rpm openssl-devel-1.0.1e-34.el7_0.3.ppc.rpm openssl-devel-1.0.1e-34.el7_0.3.ppc64.rpm openssl-libs-1.0.1e-34.el7_0.3.ppc.rpm openssl-libs-1.0.1e-34.el7_0.3.ppc64.rpm
s390x: openssl-1.0.1e-34.el7_0.3.s390x.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.s390.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.s390x.rpm openssl-devel-1.0.1e-34.el7_0.3.s390.rpm openssl-devel-1.0.1e-34.el7_0.3.s390x.rpm openssl-libs-1.0.1e-34.el7_0.3.s390.rpm openssl-libs-1.0.1e-34.el7_0.3.s390x.rpm
x86_64: openssl-1.0.1e-34.el7_0.3.x86_64.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm openssl-devel-1.0.1e-34.el7_0.3.i686.rpm openssl-devel-1.0.1e-34.el7_0.3.x86_64.rpm openssl-libs-1.0.1e-34.el7_0.3.i686.rpm openssl-libs-1.0.1e-34.el7_0.3.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: openssl-debuginfo-1.0.1e-34.el7_0.3.ppc.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.ppc64.rpm openssl-perl-1.0.1e-34.el7_0.3.ppc64.rpm openssl-static-1.0.1e-34.el7_0.3.ppc.rpm openssl-static-1.0.1e-34.el7_0.3.ppc64.rpm
s390x: openssl-debuginfo-1.0.1e-34.el7_0.3.s390.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.s390x.rpm openssl-perl-1.0.1e-34.el7_0.3.s390x.rpm openssl-static-1.0.1e-34.el7_0.3.s390.rpm openssl-static-1.0.1e-34.el7_0.3.s390x.rpm
x86_64: openssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm openssl-perl-1.0.1e-34.el7_0.3.x86_64.rpm openssl-static-1.0.1e-34.el7_0.3.i686.rpm openssl-static-1.0.1e-34.el7_0.3.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: openssl-1.0.1e-34.el7_0.3.src.rpm
x86_64: openssl-1.0.1e-34.el7_0.3.x86_64.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm openssl-devel-1.0.1e-34.el7_0.3.i686.rpm openssl-devel-1.0.1e-34.el7_0.3.x86_64.rpm openssl-libs-1.0.1e-34.el7_0.3.i686.rpm openssl-libs-1.0.1e-34.el7_0.3.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm openssl-perl-1.0.1e-34.el7_0.3.x86_64.rpm openssl-static-1.0.1e-34.el7_0.3.i686.rpm openssl-static-1.0.1e-34.el7_0.3.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2010-5298.html https://www.redhat.com/security/data/cve/CVE-2014-0195.html https://www.redhat.com/security/data/cve/CVE-2014-0198.html https://www.redhat.com/security/data/cve/CVE-2014-0221.html https://www.redhat.com/security/data/cve/CVE-2014-0224.html https://www.redhat.com/security/data/cve/CVE-2014-3470.html https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/site/articles/904433 https://access.redhat.com/site/solutions/905793
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFTl161XlSAg2UNWIIRAiJlAKCiztPWPTBaVbDSJK/cEtvknFYpTACgur3t GHJznx5GNeKZ00848jTZ9hw= =48eV -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce.
HP Systems Insight Manager v7.3 Hotfix kit HP Systems Insight Manager v7.2 Hotfix kit (The HP Systems Insight Manager v7.2 Hotfix kit is currently unavailable, but will be released at a later date.
http://h18013.www1.hp.com/products/servers/management/hpsim/download.html
NOTE: No reboot of the system is required after applying the HP SIM Hotfix kit
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "42.1"
},
{
"_id": null,
"model": "openssl",
"scope": "lt",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0m"
},
{
"_id": null,
"model": "openssl",
"scope": "lt",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8za"
},
{
"_id": null,
"model": "mariadb",
"scope": "lt",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.0.13"
},
{
"_id": null,
"model": "openssl",
"scope": "gte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0"
},
{
"_id": null,
"model": "mariadb",
"scope": "gte",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.0.0"
},
{
"_id": null,
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "19"
},
{
"_id": null,
"model": "openssl",
"scope": "gte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "openssl",
"scope": "lt",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1h"
},
{
"_id": null,
"model": "openssl",
"scope": "gte",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "20"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "13.2"
},
{
"_id": null,
"model": "bladecenter advanced management module 3.66e",
"scope": null,
"trust": 0.9,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "openssl",
"scope": null,
"trust": 0.7,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.0g"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.0j"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.0d"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.0h"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.0c"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.0e"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.0i"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.0l"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.0f"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.0k"
},
{
"_id": null,
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"_id": null,
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.14"
},
{
"_id": null,
"model": "security enterprise scanner",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"_id": null,
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.3"
},
{
"_id": null,
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3.1"
},
{
"_id": null,
"model": "spa232d multi-line dect ata",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "policy center v100r003c00spc305",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "10.0-beta",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "solaris",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.20.5.0"
},
{
"_id": null,
"model": "proactive network operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"_id": null,
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"_id": null,
"model": "virtual connect 8gb 24-port fc module",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "3.0"
},
{
"_id": null,
"model": "algo audit and compliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.2"
},
{
"_id": null,
"model": "project openssl 0.9.8f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "documentum content server p06",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"_id": null,
"model": "chrome for android",
"scope": "ne",
"trust": 0.3,
"vendor": "google",
"version": "35.0.1916.141"
},
{
"_id": null,
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8800"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "big-ip pem",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "9.1-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.0d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "prime network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6"
},
{
"_id": null,
"model": "project openssl 1.0.1e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"_id": null,
"model": "ip video phone e20",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "blackberry enterprise service",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.2.6"
},
{
"_id": null,
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"_id": null,
"model": "ios software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"_id": null,
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "ios xe software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "mate products",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32400"
},
{
"_id": null,
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.6.1"
},
{
"_id": null,
"model": "computer telephony integration object server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"_id": null,
"model": "isoc v200r001c00spc202",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "3000"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.9"
},
{
"_id": null,
"model": "10.0-release-p5",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "small business isa500 series integrated security appliances",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "srg1200\u00262200\u00263200 v100r002c02hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx3002",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "ace application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"_id": null,
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413011.5"
},
{
"_id": null,
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"_id": null,
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.28"
},
{
"_id": null,
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.470"
},
{
"_id": null,
"model": "systems insight manager 7.3.0a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"_id": null,
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "project openssl 1.0.0g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "56000"
},
{
"_id": null,
"model": "anyconnect secure mobility client for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "virtual connect 8gb 24-port fc module",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1.3"
},
{
"_id": null,
"model": "dsr-500n 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3"
},
{
"_id": null,
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "9.1-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "messaging secure gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "7.5"
},
{
"_id": null,
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"_id": null,
"model": "video surveillance series ip camera",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40000"
},
{
"_id": null,
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"_id": null,
"model": "idp 4.1r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "fortios b0537",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.8"
},
{
"_id": null,
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "8.4-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "77009.7"
},
{
"_id": null,
"model": "9.1-release-p15",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "usg9500 usg9500 v300r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "s2750\u0026s5700\u0026s6700 v200r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"_id": null,
"model": "filenet system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "spa510 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "espace u19** v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "content security management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.1"
},
{
"_id": null,
"model": "uma v200r001c00spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"_id": null,
"model": "idp 4.1r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.5"
},
{
"_id": null,
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"_id": null,
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"_id": null,
"model": "usg9500 v200r001c01sph902",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "vpn client v100r001c02spc702",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "telepresence content server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "tandberg codian mse model",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83200"
},
{
"_id": null,
"model": "big-ip pem",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "uma v200r001c00spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"_id": null,
"model": "api management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"_id": null,
"model": "oceanstor s6800t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "project openssl 0.9.8w",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44000"
},
{
"_id": null,
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "34.0"
},
{
"_id": null,
"model": "isoc v200r001c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "3000"
},
{
"_id": null,
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"_id": null,
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1"
},
{
"_id": null,
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"_id": null,
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"_id": null,
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"_id": null,
"model": "enterprise linux server eus 6.5.z",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "release-p4",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.1"
},
{
"_id": null,
"model": "manageone v100r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1"
},
{
"_id": null,
"model": "eupp v100r001c10spc002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "prime performance manager for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project openssl 1.0.1g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "big-ip psm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed ga level",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2.0"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4"
},
{
"_id": null,
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "project openssl 0.9.8m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "10.0-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "5.0"
},
{
"_id": null,
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "9.1-rc2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "updatexpress system packs installer",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.61"
},
{
"_id": null,
"model": "s7700\u0026s9700 v200r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "clustered data ontap antivirus connector",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2"
},
{
"_id": null,
"model": "rational application developer for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.6"
},
{
"_id": null,
"model": "prime access registrar appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "87100"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "stunnel",
"scope": "ne",
"trust": 0.3,
"vendor": "stunnel",
"version": "5.02"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "tivoli netcool/system service monitor fp11",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "flex system fc5022",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "sterling file gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"_id": null,
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.0"
},
{
"_id": null,
"model": "s3900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.6"
},
{
"_id": null,
"model": "ips",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"_id": null,
"model": "unified communications widgets click to call",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "agile controller v100r001c00spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "espace usm v100r001 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "softco v100r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "oceanstor s5500t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "videoscape anyres live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "telepresence t series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"_id": null,
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5"
},
{
"_id": null,
"model": "tivoli netcool/system service monitor fp12",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"_id": null,
"model": "unified attendant console advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project openssl 1.0.0h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "9.1--releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "smart update manager for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.3.5"
},
{
"_id": null,
"model": "mds switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "cerberus",
"version": "7.0.0.1"
},
{
"_id": null,
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"_id": null,
"model": "proventia network security controller 1.0.3352m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "documentum content server p07",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"_id": null,
"model": "wag310g wireless-g adsl2+ gateway with voip",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.4"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0"
},
{
"_id": null,
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"_id": null,
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"_id": null,
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.10"
},
{
"_id": null,
"model": "telepresence tx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"_id": null,
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10000"
},
{
"_id": null,
"model": "director",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.5.2"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2.2"
},
{
"_id": null,
"model": "nexus switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "31640"
},
{
"_id": null,
"model": "jabber for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "cerberus",
"version": "7.0.0.2"
},
{
"_id": null,
"model": "fastsetup",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.11"
},
{
"_id": null,
"model": "unified wireless ip phone series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "29200"
},
{
"_id": null,
"model": "messagesight server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"_id": null,
"model": "fusionsphere v100r003c10spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "big-ip asm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "telepresence advanced media gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.40"
},
{
"_id": null,
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32100"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1"
},
{
"_id": null,
"model": "smc2.0 v100r002c01b025sp07",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"_id": null,
"model": "s2700\u0026s3700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "project openssl 0.9.8r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "espace cc v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "ida pro",
"scope": "eq",
"trust": 0.3,
"vendor": "hex ray",
"version": "6.5"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "31.0"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"_id": null,
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "protection service for email",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "7.1"
},
{
"_id": null,
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"_id": null,
"model": "jabber for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-3"
},
{
"_id": null,
"model": "usg5000 v300r001c10sph201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"_id": null,
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.4"
},
{
"_id": null,
"model": "project openssl 0.9.8n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.14"
},
{
"_id": null,
"model": "prime optical for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.2"
},
{
"_id": null,
"model": "9.2-rc2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"_id": null,
"model": "big-ip psm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"_id": null,
"model": "isoc v200r001c01",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "5000"
},
{
"_id": null,
"model": "malware analyzer g2",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.5"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"_id": null,
"model": "virtual connect 8gb 24-port fc module",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.0"
},
{
"_id": null,
"model": "operations analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"_id": null,
"model": "project openssl 0.9.8y",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "icewall sso agent option",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.02007"
},
{
"_id": null,
"model": "project openssl beta4",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0"
},
{
"_id": null,
"model": "esight-ewl v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "hyperdp oceanstor n8500 v200r001c91",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"_id": null,
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.4"
},
{
"_id": null,
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "asg2000 v100r001c10sph001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"_id": null,
"model": "documentum content server",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.11"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"_id": null,
"model": "manageone v100r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"_id": null,
"model": "wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project openssl 1.0.0l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "9.1-release-p12",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "smart call home",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "project openssl beta5",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0"
},
{
"_id": null,
"model": "tivoli netcool/system service monitor fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "s7700\u0026s9700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.0"
},
{
"_id": null,
"model": "oic v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"_id": null,
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0"
},
{
"_id": null,
"model": "s6900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.3"
},
{
"_id": null,
"model": "icewall sso dfw certd",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"_id": null,
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"_id": null,
"model": "spa300 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip afm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"_id": null,
"model": "vsm v200r002c00spc503",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5"
},
{
"_id": null,
"model": "ecns610 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"_id": null,
"model": "ucs b-series servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.3"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"_id": null,
"model": "project openssl 0.9.8p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "documentum content server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"_id": null,
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "18.0.1025308"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"_id": null,
"model": "telepresence isdn link",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.4"
},
{
"_id": null,
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"_id": null,
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"_id": null,
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"_id": null,
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"_id": null,
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "32.0.1700.99"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"_id": null,
"model": "universal small cell series software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50003.4.2.0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.13"
},
{
"_id": null,
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32200"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.4"
},
{
"_id": null,
"model": "hardware management console release",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v77.9"
},
{
"_id": null,
"model": "cloudburst",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"_id": null,
"model": "8.4-release-p8",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"_id": null,
"model": "s5900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"_id": null,
"model": "documentum content server p05",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"_id": null,
"model": "oceanstor s6800t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.2"
},
{
"_id": null,
"model": "jabber video for telepresence",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.5"
},
{
"_id": null,
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"_id": null,
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9"
},
{
"_id": null,
"model": "fortios build",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.0589"
},
{
"_id": null,
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"_id": null,
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.5"
},
{
"_id": null,
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "33.0"
},
{
"_id": null,
"model": "documentum content server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"_id": null,
"model": "virtualization experience media engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0"
},
{
"_id": null,
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1"
},
{
"_id": null,
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"_id": null,
"model": "jabber im for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "snapdrive for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "77109.7"
},
{
"_id": null,
"model": "project openssl 0.9.8m beta1",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "small cell factory recovery root filesystem",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.99.4"
},
{
"_id": null,
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "quantum policy suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project openssl 0.9.8q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "10.0-rc3-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "cerberus",
"version": "7.0"
},
{
"_id": null,
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"_id": null,
"model": "manageone v100r002c10 spc320",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "svn2200 v200r001c01spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.4"
},
{
"_id": null,
"model": "rational application developer for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0.1"
},
{
"_id": null,
"model": "s2750\u0026s5700\u0026s6700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"_id": null,
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3200"
},
{
"_id": null,
"model": "director",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.5.2.3"
},
{
"_id": null,
"model": "messagesight server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"_id": null,
"model": "safe profile",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "0"
},
{
"_id": null,
"model": "espace vtm v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "jabber software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-453"
},
{
"_id": null,
"model": "spa122 ata with router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "9.2-rc2-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"_id": null,
"model": "blackberry enterprise service",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.1"
},
{
"_id": null,
"model": "tivoli netcool/system service monitor fp10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"_id": null,
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.00"
},
{
"_id": null,
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "9.2-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "advanced settings utility",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.60"
},
{
"_id": null,
"model": "9.1-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-467"
},
{
"_id": null,
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "32.0"
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0.0"
},
{
"_id": null,
"model": "spa525 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "data ontap smi-s agent",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"_id": null,
"model": "automation stratix",
"scope": "ne",
"trust": 0.3,
"vendor": "rockwell",
"version": "590015.6.3"
},
{
"_id": null,
"model": "tssc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"_id": null,
"model": "advanced settings utility",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.52"
},
{
"_id": null,
"model": "eupp v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "nexus series fabric extenders",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20000"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8v"
},
{
"_id": null,
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2"
},
{
"_id": null,
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx6116",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.1f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.0"
},
{
"_id": null,
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"_id": null,
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "intelligencecenter",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.2"
},
{
"_id": null,
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.0"
},
{
"_id": null,
"model": "blackberry enterprise service",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.2"
},
{
"_id": null,
"model": "oncommand workflow automation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"_id": null,
"model": "algo audit and compliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "telepresence mxp series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.2"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.2"
},
{
"_id": null,
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13000"
},
{
"_id": null,
"model": "documentum content server p02",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"_id": null,
"model": "espace u2980 v100r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "uma-db v2r1coospc101",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "security information and event management hf6",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.2.2"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"_id": null,
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.4"
},
{
"_id": null,
"model": "identity service engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project openssl 0.9.8g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "9.2-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "telepresence exchange system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "usg9300 usg9300 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "s12700 v200r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.4"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7"
},
{
"_id": null,
"model": "oncommand workflow automation",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "sterling file gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"_id": null,
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.12"
},
{
"_id": null,
"model": "desktop collaboration experience dx650",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "8.4-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "automation stratix",
"scope": "eq",
"trust": 0.3,
"vendor": "rockwell",
"version": "59000"
},
{
"_id": null,
"model": "oncommand unified manager core package 5.2.1p1",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp04",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "oceanstor s2200t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.00"
},
{
"_id": null,
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7600-"
},
{
"_id": null,
"model": "blackberry enterprise service",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.3"
},
{
"_id": null,
"model": "espace u2990 v200r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"_id": null,
"model": "telepresence system series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"_id": null,
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"_id": null,
"model": "9.1-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "tivoli workload scheduler for applications fp02",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4"
},
{
"_id": null,
"model": "srg1200\u00262200\u00263200 v100r002c02spc800",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "s2900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "dsr-1000n rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70100"
},
{
"_id": null,
"model": "open source security information management",
"scope": "ne",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.10"
},
{
"_id": null,
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"_id": null,
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.0"
},
{
"_id": null,
"model": "svn5500 v200r001c01spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6"
},
{
"_id": null,
"model": "telepresence ip gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1"
},
{
"_id": null,
"model": "open systems snapvault 3.0.1p6",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.2.0.1055"
},
{
"_id": null,
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.0"
},
{
"_id": null,
"model": "key",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "0"
},
{
"_id": null,
"model": "tivoli netcool/system service monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"_id": null,
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.2"
},
{
"_id": null,
"model": "jabber voice for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "onepk all-in-one vm",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.7"
},
{
"_id": null,
"model": "usg5000 v300r001c10spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"_id": null,
"model": "idp 4.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.9"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "tivoli netcool/system service monitor fp13",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "9.3-beta1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.1.5.1"
},
{
"_id": null,
"model": "stunnel",
"scope": "eq",
"trust": 0.3,
"vendor": "stunnel",
"version": "5.00"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.5"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.8.0"
},
{
"_id": null,
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2"
},
{
"_id": null,
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7700"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"_id": null,
"model": "prime data center network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0.4"
},
{
"_id": null,
"model": "cc v200r001c31",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "tivoli netcool/system service monitor fp6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "s12700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "s5900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "xenmobile app controller",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "2.10"
},
{
"_id": null,
"model": "8.4-rc1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.0.10648"
},
{
"_id": null,
"model": "cloudburst",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2"
},
{
"_id": null,
"model": "xenmobile app controller",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "2.9"
},
{
"_id": null,
"model": "esight v2r3c10spc201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "oceanstor s5500t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.0"
},
{
"_id": null,
"model": "software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "isoc v200r001c02",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "9000"
},
{
"_id": null,
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.1"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.0"
},
{
"_id": null,
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.4"
},
{
"_id": null,
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.3"
},
{
"_id": null,
"model": "security information and event management hf3",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.1.4"
},
{
"_id": null,
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "project openssl 0.9.8l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.1"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"_id": null,
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.6"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "10.0-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "icewall sso dfw r2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"_id": null,
"model": "documentum content server sp2 p13",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"_id": null,
"model": "agent desktop for cisco unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1"
},
{
"_id": null,
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"_id": null,
"model": "big-ip afm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "messaging secure gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "7.1"
},
{
"_id": null,
"model": "s3900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "ddos secure",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "anyoffice emm",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "2.6.0601.0090"
},
{
"_id": null,
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0"
},
{
"_id": null,
"model": "ddos secure",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "5.14.1-1"
},
{
"_id": null,
"model": "9.3-beta1-p2",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"_id": null,
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"_id": null,
"model": "s2750\u0026s5700\u0026s6700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.7.0"
},
{
"_id": null,
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"_id": null,
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "tssc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.12"
},
{
"_id": null,
"model": "vsm v200r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "ssl for openvms",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-476"
},
{
"_id": null,
"model": "project openssl 1.0.0i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "powervu d9190 comditional access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"_id": null,
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "malware analysis appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.1.1"
},
{
"_id": null,
"model": "10.0-release-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"_id": null,
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"_id": null,
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "usg9500 usg9500 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"_id": null,
"model": "tssc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"_id": null,
"model": "softco v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "documentum content server sp2 p14",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"_id": null,
"model": "s2750\u0026s5700\u0026s6700 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "s2700\u0026s3700 v100r006c05+v100r06h",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "oceanstor s6800t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "fortiap",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"_id": null,
"model": "tivoli workload scheduler for applications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"_id": null,
"model": "big-ip psm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"_id": null,
"model": "ecns600 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"_id": null,
"model": "telepresence mcu series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "web gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.2.1"
},
{
"_id": null,
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.3"
},
{
"_id": null,
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"_id": null,
"model": "jabber voice for iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "prime network services controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "asg2000 v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "idp 5.1r4",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "9.3-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "unified ip conference phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"_id": null,
"model": "project openssl 1.0.0e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "oic v100r001c00spc402",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "documentum content server",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gv1000",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"_id": null,
"model": "icewall sso dfw",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"_id": null,
"model": "s7700\u0026s9700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "nac manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "smc2.0 v100r002c01b017sp17",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.6"
},
{
"_id": null,
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"_id": null,
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "9.2-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "hardware management console release",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v77.8"
},
{
"_id": null,
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.5"
},
{
"_id": null,
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1x8664"
},
{
"_id": null,
"model": "hardware management console release",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v77.7"
},
{
"_id": null,
"model": "8.4-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "dsr-1000 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"_id": null,
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.10"
},
{
"_id": null,
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.13"
},
{
"_id": null,
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7800",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.2"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "1.0.4"
},
{
"_id": null,
"model": "big-ip afm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8x"
},
{
"_id": null,
"model": "vtm v100r001c30",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "logcenter v200r003c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "oceanstor s5500t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"_id": null,
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"_id": null,
"model": "dynamic system analysis",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.61"
},
{
"_id": null,
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.4.1"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"_id": null,
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99510"
},
{
"_id": null,
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"_id": null,
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89450"
},
{
"_id": null,
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.8"
},
{
"_id": null,
"model": "telepresence supervisor mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "80500"
},
{
"_id": null,
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.2.0.9"
},
{
"_id": null,
"model": "puredata system for operational analytics a1791",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "usg2000 v300r001c10sph201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "dsm v100r002c05spc615",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "icewall sso dfw",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"_id": null,
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"_id": null,
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "espace u2980 v100r001 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3"
},
{
"_id": null,
"model": "project openssl 0.9.8t",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "cloudburst",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.0"
},
{
"_id": null,
"model": "tivoli netcool/system service monitor fp8",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5"
},
{
"_id": null,
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.00"
},
{
"_id": null,
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.2"
},
{
"_id": null,
"model": "enterprise content management system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"_id": null,
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"_id": null,
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"_id": null,
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.6"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"_id": null,
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "s7700\u0026s9700 v200r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "ecns600 v100r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "application networking manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "8.4-rc2-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "icewall sso certd r3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"_id": null,
"model": "oceanstor s2600t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "espace u19** v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.0c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"_id": null,
"model": "spa112 2-port phone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.2"
},
{
"_id": null,
"model": "spa500 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "universal small cell series software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.4.20"
},
{
"_id": null,
"model": "project openssl 1.0.1h",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.5"
},
{
"_id": null,
"model": "paging server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"_id": null,
"model": "oceanstor s5600t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.2"
},
{
"_id": null,
"model": "9.2-rc1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"_id": null,
"model": "ace application control engine module ace20",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"_id": null,
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.1"
},
{
"_id": null,
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.1.5.2"
},
{
"_id": null,
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"_id": null,
"model": "psb email and server security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "10.00"
},
{
"_id": null,
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.0.1880"
},
{
"_id": null,
"model": "hyperdp oceanstor n8500 v200r001c09",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.3"
},
{
"_id": null,
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.10"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"_id": null,
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.0.2354"
},
{
"_id": null,
"model": "agent desktop for cisco unified contact center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "toolscenter suite",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.53"
},
{
"_id": null,
"model": "8.4-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "telepresence ip vcr series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11000"
},
{
"_id": null,
"model": "unified communications series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"_id": null,
"model": "telepresence sx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "8.4-release-p12",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"_id": null,
"model": "netcool/system service monitor fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.014"
},
{
"_id": null,
"model": "hyperdp v200r001c91spc201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.1"
},
{
"_id": null,
"model": "unified attendant console",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project openssl 1.0.0f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "dsr-500 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99710"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "s3900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "oceanstor s5600t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"_id": null,
"model": "documentum content server sp1 p26",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"_id": null,
"model": "tivoli management framework",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.1"
},
{
"_id": null,
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "18.0"
},
{
"_id": null,
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.3"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "9.2-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.6"
},
{
"_id": null,
"model": "security information and event management hf11",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.3.2"
},
{
"_id": null,
"model": "tivoli netcool/system service monitor fp4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "cerberus",
"version": "7.0.0.3"
},
{
"_id": null,
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.12"
},
{
"_id": null,
"model": "ata analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1870"
},
{
"_id": null,
"model": "project openssl 1.0.0j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "eupp v100r001c01spc101",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "ace application control engine module ace10",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project openssl 1.0.0b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.1"
},
{
"_id": null,
"model": "ecns600 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "expressway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"_id": null,
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"_id": null,
"model": "aura experience portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1209"
},
{
"_id": null,
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"_id": null,
"model": "oceanstor s2600t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"_id": null,
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-471"
},
{
"_id": null,
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"_id": null,
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6.5"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3"
},
{
"_id": null,
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.3"
},
{
"_id": null,
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"_id": null,
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1.2"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.12"
},
{
"_id": null,
"model": "tivoli netcool/system service monitor fp9",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp07",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"_id": null,
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.1"
},
{
"_id": null,
"model": "manageone v100r002c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"_id": null,
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463011.5"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"_id": null,
"model": "ave2000 v100r001c00sph001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "security information and event management ga",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.4.0"
},
{
"_id": null,
"model": "svn2200 v200r001c01hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "8.4-beta1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"_id": null,
"model": "esight-ewl v300r001c10spc300",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "ave2000 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "tsm v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"_id": null,
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"_id": null,
"model": "usg9500 v300r001c01spc300",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"_id": null,
"model": "tivoli netcool/system service monitor fp5",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"_id": null,
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1"
},
{
"_id": null,
"model": "fortios b064",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-1"
},
{
"_id": null,
"model": "documentum content server sp2 p15",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"_id": null,
"model": "usg9500 v300r001c20sph102",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "tivoli workload scheduler for applications fp01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "9.2-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"_id": null,
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "fortios",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.8"
},
{
"_id": null,
"model": "asa cx context-aware security",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"_id": null,
"model": "10.0-rc2-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp02",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "telepresence integrator c series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.13"
},
{
"_id": null,
"model": "project openssl 1.0.1d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"_id": null,
"model": "unified im and presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "8.4-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"_id": null,
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"_id": null,
"model": "usg9300 v200r001c01sph902",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gv200",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"_id": null,
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.6"
},
{
"_id": null,
"model": "elog v100r003c01spc503",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "8.4-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "anyoffice v200r002c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.5"
},
{
"_id": null,
"model": "nac appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"_id": null,
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "43000"
},
{
"_id": null,
"model": "hardware management console release",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v77.6"
},
{
"_id": null,
"model": "vpn client v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3100"
},
{
"_id": null,
"model": "metro ethernet series access devices",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12000"
},
{
"_id": null,
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"_id": null,
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"_id": null,
"model": "s5900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "13.10"
},
{
"_id": null,
"model": "prime network",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "s6900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "ecns610 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.0.0"
},
{
"_id": null,
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"_id": null,
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"_id": null,
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"_id": null,
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"_id": null,
"model": "blackberry enterprise service",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.0"
},
{
"_id": null,
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"_id": null,
"model": "9.2-release-p8",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "fusionsphere v100r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.1"
},
{
"_id": null,
"model": "usg9500 usg9500 v300r001c20",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "tsm v100r002c07spc219",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "espace u2990 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "big-ip pem",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"_id": null,
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "prime infrastructure",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"_id": null,
"model": "protection service for email",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "7.5"
},
{
"_id": null,
"model": "espace iad v300r002c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.913"
},
{
"_id": null,
"model": "ace application control engine appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "9.1-rc1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "documentum content server sp1 p28",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"_id": null,
"model": "telepresence isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32410"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2.3"
},
{
"_id": null,
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5"
},
{
"_id": null,
"model": "stunnel",
"scope": "eq",
"trust": 0.3,
"vendor": "stunnel",
"version": "5.01"
},
{
"_id": null,
"model": "oceanstor s5600t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "espace iad v300r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-10",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"_id": null,
"model": "telepresence ex series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"_id": null,
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"_id": null,
"model": "oceanstor s6800t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "manageone v100r001c02 spc901",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.2"
},
{
"_id": null,
"model": "9.2-rc3-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.5"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-2"
},
{
"_id": null,
"model": "tivoli network manager ip edition fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.94"
},
{
"_id": null,
"model": "project openssl 1.0.0m",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "big-ip apm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.0"
},
{
"_id": null,
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.6.1"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"_id": null,
"model": "oceanstor s2600t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "dsr-500n rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "s2750\u0026s5700\u0026s6700 v200r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "oceanstor s5800t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx4002",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"_id": null,
"model": "email and server security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "11.00"
},
{
"_id": null,
"model": "oceanstor s5800t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"_id": null,
"model": "psb email and server security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "9.20"
},
{
"_id": null,
"model": "isoc v200r001c02spc202",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "9000"
},
{
"_id": null,
"model": "ios xr software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"_id": null,
"model": "9.2-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "big-ip apm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413011.5"
},
{
"_id": null,
"model": "unified series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79000"
},
{
"_id": null,
"model": "ons series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154000"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "aura experience portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "tivoli netcool/system service monitor fp3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "unified intelligent contact management enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "nip2000\u00265000 v100r002c10spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "hyperdp v200r001c09spc501",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"_id": null,
"model": "icewall sso dfw r3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"_id": null,
"model": "release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.1"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"_id": null,
"model": "anyconnect secure mobility client for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "9.1-release-p14",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "33.0.1750.166"
},
{
"_id": null,
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"_id": null,
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "eupp v100r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0"
},
{
"_id": null,
"model": "toolscenter suite",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.52"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "dsr-500 rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0.3"
},
{
"_id": null,
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.2"
},
{
"_id": null,
"model": "policy center v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"_id": null,
"model": "project openssl 0.9.8o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.2"
},
{
"_id": null,
"model": "telepresence",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13100"
},
{
"_id": null,
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "project openssl 1.0.1b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.0k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "director",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.4"
},
{
"_id": null,
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"_id": null,
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9900"
},
{
"_id": null,
"model": "updatexpress system packs installer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.60"
},
{
"_id": null,
"model": "oceanstor s5800t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1"
},
{
"_id": null,
"model": "jabber for mac",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "usg2000 v300r001c10spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "d9036 modular encoding platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "video surveillance 4300e/4500e high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "smart update manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6.4.1"
},
{
"_id": null,
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"_id": null,
"model": "10.0-rc1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.5"
},
{
"_id": null,
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.0.92743"
},
{
"_id": null,
"model": "unified series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69000"
},
{
"_id": null,
"model": "tivoli netcool/system service monitor fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"_id": null,
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"_id": null,
"model": "oceanstor s5600t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"_id": null,
"model": "10.0-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "tivoli netcool/system service monitor fp7",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.7"
},
{
"_id": null,
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"_id": null,
"model": "jabber video for ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "tssc",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.15"
},
{
"_id": null,
"model": "icewall mcrp",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"_id": null,
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"_id": null,
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"_id": null,
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.2"
},
{
"_id": null,
"model": "unified communications manager session management edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.5"
},
{
"_id": null,
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "31.0.1650.59"
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"_id": null,
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "operations analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"_id": null,
"model": "8.4-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "video surveillance ptz ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"_id": null,
"model": "project openssl 0.9.8s",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "webex connect client for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "snapdrive for unix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"_id": null,
"model": "telepresence serial gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1"
},
{
"_id": null,
"model": "9.1-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "elog v100r003c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "security module for cisco network registar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "ata series analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1900"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.5"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.6"
},
{
"_id": null,
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89610"
},
{
"_id": null,
"model": "cognos planning fp3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"_id": null,
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"_id": null,
"model": "project openssl 0.9.8za",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "blackberry enterprise service",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.2.0"
},
{
"_id": null,
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"_id": null,
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-320"
},
{
"_id": null,
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "35.0"
},
{
"_id": null,
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"_id": null,
"model": "email and server security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "10.00"
},
{
"_id": null,
"model": "unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "softco v200r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "9.2-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.5"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"_id": null,
"model": "s6900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0.00"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"_id": null,
"model": "svn5500 v200r001c01hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.6"
},
{
"_id": null,
"model": "prime lan management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "5.1"
},
{
"_id": null,
"model": "proventia network security controller 1.0.3350m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"_id": null,
"model": "9.1-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "8.4-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "agent desktop for cisco unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "dsm v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "cms r17ac.h",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "agile controller v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "nip2000\u00265000 v100r002c10hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "telepresence mx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "tapi service provider",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp04",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-370"
},
{
"_id": null,
"model": "oceanstor s5800t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "oceanstor s5500t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "css series content services switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "115000"
},
{
"_id": null,
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.0.10"
},
{
"_id": null,
"model": "telepresence isdn gw mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83210"
},
{
"_id": null,
"model": "ucs central",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "telepresence profile series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "smc2.0 v100r002c01b017sp16",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "web gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.10"
},
{
"_id": null,
"model": "espace iad v300r001c07",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-05",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "dynamic system analysis",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.60"
},
{
"_id": null,
"model": "icewall mcrp",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0"
},
{
"_id": null,
"model": "s7700\u0026s9700 v200r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "9.2-rc1-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.5"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"_id": null,
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.3"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "1.0.6"
},
{
"_id": null,
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"_id": null,
"model": "freedome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "0"
},
{
"_id": null,
"model": "fortios b0630",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.8"
},
{
"_id": null,
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1768"
},
{
"_id": null,
"model": "physical access gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"_id": null,
"model": "dsr-1000 rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "nac guest server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "session border controller enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "s7700\u0026s9700 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.4"
},
{
"_id": null,
"model": "dsr-1000n 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89410"
},
{
"_id": null,
"model": "9.3-beta1",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "unity connection",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project openssl 0.9.8u",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "isoc v200r001c01spc101",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "5000"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.1"
},
{
"_id": null,
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.1"
},
{
"_id": null,
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"_id": null,
"model": "documentum content server sp2 p16",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"_id": null,
"model": "oceanstor s2200t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "prime network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "espace usm v100r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.0a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "icewall sso dfw r1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-173"
},
{
"db": "BID",
"id": "67900"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-078"
},
{
"db": "NVD",
"id": "CVE-2014-0195"
}
]
},
"credits": {
"_id": null,
"data": "J\u00fcri Aedla",
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-173"
}
],
"trust": 0.7
},
"cve": "CVE-2014-0195",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2014-0195",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2014-0195",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-0195",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "ZDI",
"id": "CVE-2014-0195",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201406-078",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2014-0195",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-173"
},
{
"db": "VULMON",
"id": "CVE-2014-0195"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-078"
},
{
"db": "NVD",
"id": "CVE-2014-0195"
}
]
},
"description": {
"_id": null,
"data": "The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly validate fragment lengths in DTLS ClientHello messages, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a long non-initial fragment. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of DTLS packets. The issue lies in the assumption that all fragments specify the same message size. An attacker could leverage this vulnerability to execute code in the context of the process using OpenSSL. \nThe following are vulnerable:\nOpenSSL 0.9.8 prior to 0.9.8za\nOpenSSL 1.0.0 prior to 1.0.0m\nOpenSSL 1.0.1 prior to 1.0.1h. One of the patch backports for\nUbuntu 10.04 LTS caused a regression for certain applications. \n\nWe apologize for the inconvenience. This issue only affected Ubuntu 12.04 LTS, Ubuntu 13.10, and\n Ubuntu 14.04 LTS. (CVE-2014-0195)\n Imre Rad discovered that OpenSSL incorrectly handled DTLS recursions. \n (CVE-2014-0224)\n Felix Gr=C3=B6bert and Ivan Fratri=C4=87 discovered that OpenSSL incorrectly handled\n anonymous ECDH ciphersuites. This issue only\n affected Ubuntu 12.04 LTS, Ubuntu 13.10, and Ubuntu 14.04 LTS. \n (CVE-2014-3470)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 10.04 LTS:\n libssl0.9.8 0.9.8k-7ubuntu8.21\n\nAfter a standard system update you need to reboot your computer to make all\nthe necessary changes. \n\nHP IceWall SSO Dfw and MCRP\n\nIf possible, do not use SHOST setting which allows IceWall SSO Dfw or MCRP to\nuse SSL/TLS for back-end web server connection. \n\nHP IceWall SSO Dfw Certd\n\nIf possible, set LDAPSSL to 0 to make HP SSO IceWall Certd to not use SSL/TLS\non any connection with LDAP server. \n\nNote: The HP IceWall product is only available in Japan. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c04378799\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c04378799\nVersion: 1\n\nHPSBMU03074 rev.1 - HP Insight Control server migration on Linux and Windows\nrunning OpenSSL, Remote Denial of Service (DoS), Code Execution, Unauthorized\nAccess, Disclosure of Information\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2014-07-23\nLast Updated: 2014-07-23\n\nPotential Security Impact: Remote denial of service (DoS), code execution,\nunauthorized access, disclosure of information\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP Insight\nControl server migration running on Linux and Windows which could be\nexploited remotely resulting in denial of service (DoS), code execution,\nunauthorized access, or disclosure of information. \n\nReferences:\n\nCVE-2010-5298 Remote Denial of Service\nCVE-2014-0076 Unauthorized Disclosure of Information\nCVE-2014-0195 Remote Unauthorized Access\nCVE-2014-0198 Remote Denial of Service\nCVE-2014-0221 Remote Denial of Service (DoS)\nCVE-2014-0224 Remote Unauthorized Access or Disclosure of Information\nCVE-2014-3470 Remote Code Execution or Unauthorized Access\nSSRT101647\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP Insight Control server migration v7.2.2, v7.3, v7.3.1, and v7.3.2\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2010-5298 (AV:N/AC:H/Au:N/C:N/I:P/A:P) 4.0\nCVE-2014-0076 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2014-0195 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2014-0198 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2014-0221 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2014-0224 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2014-3470 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided the following updates to v7.3.2 of HP Insight Control server\nmigration to resolve these vulnerabilities by upgrading to version 7.3.3. \nPlease note that version 7.3.3 of HP Insight Control server migration is\nincluded on the HP Insight Management 7.3 Update 2 DVD. \n\nHP has provided the installation binaries for download from the following web\nsite by using the Receive for free option:\n\nhttp://h18013.www1.hp.com/products/servers/management/fpdownload.html\n\nCustomers using HP Insight Control server migration v7.2.2 must first upgrade\nfrom v7.2.2 to v7.3 by using the HP Insight Management v7.3 DVD, and then\nupgrade to v7.3.3 by using the HP Insight Management v7.3 Update 2 DVD. \n\nCustomers running HP Insight Control server migration v7.3, v7.3.1, or\nv7.3.2, can use the HP Insight Control server migration v7.3 Update 2 DVD to\ncomplete the upgrade. \n\nFor more information on the upgrade process, please refer to the HP Insight\nManagement Installation and Upgrade Guide and Release notes, which are\navailable at the following location:\n\nhttp://h17007.www1.hp.com/us/en/enterprise/servers/solutions/info-library/ind\nex.aspx?cat=insightmanagement\n\nNOTE: The upgrade paths described above update the entire HP Insight Control\nsoftware stack. To upgrade HP Insight Control server migration only, complete\nthe following steps:\n\nCopy \"hpsmp.exe\" to the local machine from the HP Insight Management v7.3.0\nUpdate 2 DVD ISO. Create batch file with the following commands:\n@echo off\nhpsmp.exe /verysilent /SVCPATCH=Install_Through_Patch\nCopy the batch file to the folder where \"hpsmp.exe\" normally resides on the\ntarget system. \nDouble click on the batch file. \nThe HP Insight Control server migration installation starts in a command\nprompt. \nThe command prompt closes when the installation finishes. \nAfter the installation completes it creates a log file (ICmigr.log) and an\noutput file (ICmigroutput.xml) on the target system. \nDo not close or click on the command prompt while the process is completing. \nDo not run the command prompt in the background. \n\nHISTORY\nVersion:1 (rev.1) - 23 July 2014 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2014 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. \n \n OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before\n 1.0.1h does not properly restrict processing of ChangeCipherSpec\n messages, which allows man-in-the-middle attackers to trigger use of a\n zero-length master key in certain OpenSSL-to-OpenSSL communications,\n and consequently hijack sessions or obtain sensitive information,\n via a crafted TLS handshake, aka the CCS Injection vulnerability\n (CVE-2014-0224). \n \n The updated packages have been upgraded to the 1.0.0m version where\n these security flaws has been fixed. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470\n http://www.openssl.org/news/secadv_20140605.txt\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Business Server 1/X86_64:\n 857d06ddc6423ad124b23eb760459033 mbs1/x86_64/lib64openssl1.0.0-1.0.0m-1.mbs1.x86_64.rpm\n d7436f2f95df5c1d64d44a745f125bd8 mbs1/x86_64/lib64openssl-devel-1.0.0m-1.mbs1.x86_64.rpm\n 67f6cd6da42f01fb2f6054a2f96872af mbs1/x86_64/lib64openssl-engines1.0.0-1.0.0m-1.mbs1.x86_64.rpm\n 5d7c5712c1ce70a2dd2596e803bc7004 mbs1/x86_64/lib64openssl-static-devel-1.0.0m-1.mbs1.x86_64.rpm\n 9866e03e1c112b0c4cb5587b142cfa63 mbs1/x86_64/openssl-1.0.0m-1.mbs1.x86_64.rpm \n 9ac714afa9a9b30419f2f1f5c9ec4e48 mbs1/SRPMS/openssl-1.0.0m-1.mbs1.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nESA-2014-079: EMC Documentum Content Server Multiple Vulnerabilities \n\nEMC Identifier: ESA-2014-079\n\nCVE Identifier: See below for individual CVEs\n\nSeverity Rating: CVSS v2 Base Score: See below for individual CVSS score for each CVE\n\nAffected products: \n\\x95\tAll EMC Documentum Content Server versions of 7.1 prior to P07\n\\x95\tAll EMC Documentum Content Server versions of 7.0\n\\x95\tAll EMC Documentum Content Server versions of 6.7 SP2 prior to P16\n\\x95\tAll EMC Documentum Content Server versions of 6.7 SP1\n\\x95\tAll EMC Documentum Content Server versions prior to 6.7 SP1\n \nSummary: \nEMC Documentum Content Server contains fixes for multiple vulnerabilities which also include vulnerabilities disclosed by the OpenSSL project on June 5, 2014 in OpenSSL. \n\nDetails: \nEMC Documentum Content Server may be susceptible to the following vulnerabilities:\n\n\\x95\tArbitrary Code Execution (CVE-2014-4618):\nAuthenticated non-privileged users can potentially execute Documentum methods with higher level privileges (up to and including superuser privileges) due to improper authorization checks being performed on user-created system objects. \nCVSS v2 Base Score: 8.2 (AV:N/AC:M/Au:S/C:C/I:C/A:P)\n\n\\x95\tDQL Injection (CVE-2014-2520):\nCertain DQL hints in EMC Documentum Content Server may be potentially exploited by an authenticated non-privileged malicious user to conduct DQL injection attacks and read the database contents. \nCVSS v2 Base Score: 6.3 (AV:N/AC:M/Au:S/C:C/I:N/A:N)\n\n\\x95\tInformation Disclosure (CVE-2014-2521):\nAuthenticated non-privileged users are allowed to retrieve meta-data of unauthorized system objects due to improper authorization checks being performed on certain RPC commands in Content Server. \nCVSS v2 Base Score: 6.3 (AV:N/AC:M/Au:S/C:C/I:N/A:N)\n\n\\x95\tMultiple OpenSSL vulnerabilities (See individual CVEs below and refer to NVD for each of their scores):\n\tSSL/TLS Man-in-the-middle (MITM) vulnerability (CVE-2014-0224)\n\tDTLS recursion flaw (CVE-2014-0221)\n\tDTLS invalid fragment vulnerability (CVE-2014-0195)\n\tSSL_MODE_RELEASE_BUFFERS NULL pointer deference (CVE-2014-0198)\n\tSSL_MODE_RELEASE_BUFFERS session injection or denial of service (CVE-2010-5298)\n\tAnonymous ECDH denial of service (CVE-2014-3470)\n\tFLUSH + RELOAD cache side-channel attack (CVE-2014-0076)\nFor more information about these vulnerabilities, please visit the original OpenSSL advisory https://www.openssl.org/news/secadv_20140605.txt \n\nResolution: \nThe following versions contain the resolution for these issues: \n\\x95\tEMC Documentum Content Server version 7.1 P07 and later\n\\x95\tEMC Documentum Content Server version 7.0: Hotfixes are available for Windows \u0026 Linux. Contact EMC Support to obtain them. For Solaris and AIX, contact EMC Support to open Hotfix requests. \n\\x95\tEMC Documentum Content Server version 6.7 SP2 P16 and later\n\\x95\tEMC Documentum Content Server version 6.7 SP1: Hotfixes are available for Windows \u0026 Linux. Contact EMC Support to obtain them. For Solaris and AIX, contact EMC Support to open Hotfix requests. \n\nEMC recommends all customers to upgrade to one of the above versions at the earliest opportunity. \n\nLink to remedies:\nRegistered EMC Online Support customers can download patches and software from support.emc.com at: https://support.emc.com/downloads/2732_Documentum-Server\n\nFor Hotfix, contact EMC Support. \n\n\n\nRead and use the information in this EMC Security Advisory to assist in avoiding any situation that might arise from the problems described herein. If you have any questions regarding this product alert, contact EMC Software Technical Support at 1-877-534-2867. \n\nFor an explanation of Severity Ratings, refer to EMC Knowledgebase solution emc218831. EMC recommends all customers take into account both the base score and any relevant temporal and environmental scores which may impact the potential severity associated with particular security vulnerability. \n\nEMC Corporation distributes EMC Security Advisories, in order to bring to the attention of users of the affected EMC products, important security information. EMC recommends that all users determine the applicability of this information to their individual situations and take appropriate action. EMC disclaims all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages, so the foregoing limitation may not apply. \n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n+--------------------------+\npatches/packages/openssl-1.0.1h-i486-1_slack14.1.txz: Upgraded. \n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated packages for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-0.9.8za-i486-1_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-solibs-0.9.8za-i486-1_slack13.0.txz\n\nUpdated packages for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-0.9.8za-x86_64-1_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-solibs-0.9.8za-x86_64-1_slack13.0.txz\n\nUpdated packages for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-0.9.8za-i486-1_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-solibs-0.9.8za-i486-1_slack13.1.txz\n\nUpdated packages for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-0.9.8za-x86_64-1_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-solibs-0.9.8za-x86_64-1_slack13.1.txz\n\nUpdated packages for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-0.9.8za-i486-1_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-solibs-0.9.8za-i486-1_slack13.37.txz\n\nUpdated packages for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-0.9.8za-x86_64-1_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-solibs-0.9.8za-x86_64-1_slack13.37.txz\n\nUpdated packages for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1h-i486-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1h-i486-1_slack14.0.txz\n\nUpdated packages for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1h-x86_64-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1h-x86_64-1_slack14.0.txz\n\nUpdated packages for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1h-i486-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1h-i486-1_slack14.1.txz\n\nUpdated packages for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1h-x86_64-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1h-x86_64-1_slack14.1.txz\n\nUpdated packages for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.1h-i486-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.1h-i486-1.txz\n\nUpdated packages for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.1h-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.1h-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 13.0 packages:\n634b8ecc8abc6d3f249b73d0fefa5959 openssl-0.9.8za-i486-1_slack13.0.txz\na2529f1243d42a3608f61b96236b5f60 openssl-solibs-0.9.8za-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 packages:\n2ddac651c5f2531f3a7f70d9f5823bd6 openssl-0.9.8za-x86_64-1_slack13.0.txz\nd7ffeb15713a587f642fbb3d5c310c75 openssl-solibs-0.9.8za-x86_64-1_slack13.0.txz\n\nSlackware 13.1 packages:\n0b84a6a1edf76cba83d4c52c54196baa openssl-0.9.8za-i486-1_slack13.1.txz\ndfd5d241b0e1703ae9d70d6ccda06179 openssl-solibs-0.9.8za-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 packages:\nbd749622577a5f76a59d90b95aa922fd openssl-0.9.8za-x86_64-1_slack13.1.txz\n35cf911dd9f0cc13f7f0056d9e1f4520 openssl-solibs-0.9.8za-x86_64-1_slack13.1.txz\n\nSlackware 13.37 packages:\n8f674defac9002c81265d284b1072f75 openssl-0.9.8za-i486-1_slack13.37.txz\n48ce79e7714cb0c823d2b6ea4a88ba51 openssl-solibs-0.9.8za-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 packages:\nefa09162c22782c15806bca99472c5be openssl-0.9.8za-x86_64-1_slack13.37.txz\n8e3b8d1e3d3a740bd274fbe38dc10f96 openssl-solibs-0.9.8za-x86_64-1_slack13.37.txz\n\nSlackware 14.0 packages:\n8e2698d19f54c7e0cac8f998df23b782 openssl-1.0.1h-i486-1_slack14.0.txz\ncf6233bc169cf6dd192bb7210f779fc1 openssl-solibs-1.0.1h-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 packages:\n2b4f0610d5e46fa7bb27a0b39f0d6d33 openssl-1.0.1h-x86_64-1_slack14.0.txz\n18fdd83dcf86204275508a689a017dea openssl-solibs-1.0.1h-x86_64-1_slack14.0.txz\n\nSlackware 14.1 packages:\n49aea7da42eef41da894f29762971863 openssl-1.0.1h-i486-1_slack14.1.txz\n6f19f4fdc3f018b4e821c519d7bb1e5c openssl-solibs-1.0.1h-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 packages:\nccf5ff2b107c665a4f3bf98176937749 openssl-1.0.1h-x86_64-1_slack14.1.txz\nea1aaba38c98b096186ca94ca541a793 openssl-solibs-1.0.1h-x86_64-1_slack14.1.txz\n\nSlackware -current packages:\ndb1ed7ded71ab503f567940fff39eb16 a/openssl-solibs-1.0.1h-i486-1.txz\n0db4f91f9b568b2b2629950e5ab88b22 n/openssl-1.0.1h-i486-1.txz\n\nSlackware x86_64 -current packages:\nd01aef33335bee27f36574241f54091f a/openssl-solibs-1.0.1h-x86_64-1.txz\n95a743d21c58f39573845d6ec5270656 n/openssl-1.0.1h-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the packages as root:\n# upgradepkg openssl-1.0.1h-i486-1_slack14.1.txz openssl-solibs-1.0.1h-i486-1_slack14.1.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address. These vulnerabilities include: \n\n* The SSLv3 vulnerability known as \"Padding Oracle on Downgraded Legacy\nEncryption\" also known as \"POODLE\", which could be exploited remotely\nresulting in disclosure of information. \n\n - HP StoreVirtual VSA Software 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4130 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4130 600GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 FC 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 2TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 3TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 450GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4630 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 3TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 China Hybrid Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 Hybrid Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 4TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4130 600GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4130 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 FC 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 China Hybrid SAN Solution 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 China Hybrid Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 Hybrid SAN Solution 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 Hybrid Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 2TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 3TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 3TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 450GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 4TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 600GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4630 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 600GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n\nBACKGROUND\n\n CVSS Base Metrics\n =================\n Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector\n\n CVE-2010-5298\n 4.8 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L\n 4.0 (AV:N/AC:H/Au:N/C:N/I:P/A:P)\n\n CVE-2014-0076\n 4.0 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\n 1.9 (AV:L/AC:M/Au:N/C:P/I:N/A:N)\n\n CVE-2014-0195\n 7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\n 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n\n CVE-2014-0198\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)\n\n CVE-2014-0221\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)\n\n CVE-2014-0224\n 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L\n 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n\n CVE-2014-3470\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)\n\n CVE-2014-3566\n 3.1 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N\n 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n CVE-2016-0705\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n Information on CVSS is documented in\n HPE Customer Notice HPSN-2008-002 here:\n\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499\n\nRESOLUTION\n\nHPE recommends applying the following software updates to resolve the\nvulnerabilities in the impacted versions of HPE StoreVirtual products running\nHPE LeftHand OS. \n\nLeftHand OS v11.5 - Patches 45019-00 and 45020 \nLeftHand OS v12.0 - Patches 50016-00 and 50017-00 \nLeftHand OS v12.5 - Patch 55016-00 \nLeftHand OS v12.6 - Patch 56002-00 \n\n**Notes:**\n\nThese patches enable TLSv1.2 protocol and upgrades the OpenSSL RPM revision\nto OpenSSL v1.0.1e 48. \nThese patches migrate Certificate Authority Hashing Algorithm from a weak\nhashing algorithm SHA1 to the stronger hashing algorithm SHA256. Summary\n\n VMware product updates address OpenSSL security vulnerabilities. Problem Description\n\n a. OpenSSL update for multiple products. \n \n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n\n has assigned the names CVE-2014-0224, CVE-2014-0198, \n CVE-2010-5298, CVE-2014-3470, CVE-2014-0221 and CVE-2014-0195 to\n these issues. The most important of these issues is \n CVE-2014-0224. \n\n CVE-2014-0198, CVE-2010-5298 and CVE-2014-3470 are considered to\n be of moderate severity. Exploitation is highly unlikely or is\n mitigated due to the application configuration. \n\n CVE-2014-0221 and CVE-2014-0195, which are listed in the OpenSSL \n Security Advisory (see Reference section below), do not affect\n any VMware products. Updating\n the server will mitigate this issue for both the server and all\n affected clients. For readability\n the affected products have been split into 3 tables below, \n based on the different client-server configurations and\n deployment scenarios. \n\n MITIGATIONS\n\n Clients that communicate with a patched or non-vulnerable server\n are not vulnerable to CVE-2014-0224. Applying these patches to \n affected servers will mitigate the affected clients (See Table 1\n below). can be mitigated by using a secure network such as \n VPN (see Table 2 below). \n \n Clients and servers that are deployed on an isolated network are\n less exposed to CVE-2014-0224 (see Table 3 below). The affected\n products are typically deployed to communicate over the\n management network. \n\n RECOMMENDATIONS\n\n VMware recommends customers evaluate and deploy patches for\n affected Servers in Table 1 below as these patches become\n available. Patching these servers will remove the ability to\n exploit the vulnerability described in CVE-2014-0224 on both\n clients and servers. VMware recommends customers consider \n applying patches to products listed in Table 2 \u0026 3 as required. \n\n Column 4 of the following tables lists the action required to\n remediate the vulnerability in each release, if a solution is\n available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch \n ============== ======= ======= =============\n ESXi 5.5 ESXi ESXi550-\n 201406401-SG \n\n Big Data Extensions 1.1 patch pending \n Charge Back Manager 2.6 patch pending \n\n Horizon Workspace Server \n GATEWAY 1.8.1 patch pending \n Horizon Workspace Server \n GATEWAY 1.5 patch pending \n\n Horizon Workspace Server \n DATA 1.8.1 patch pending \n\n Horizon Mirage Edge Gateway 4.4.2 patch pending \n Horizon View 5.3.1 patch pending \n\n Horizon View Feature Pack 5.3 SP2 patch pending \n\n NSX for Multi-Hypervisor 4.1.2 patch pending \n NSX for Multi-Hypervisor 4.0.3 patch pending \n NSX for vSphere 6.0.4 patch pending \n NVP 3.2.2 patch pending \n vCAC 6.0.1 patch pending \n\n vCloud Networking and Security 5.5.2 \t\t patch pending \n vCloud Networking and Security 5.1.2 \t\t patch pending \n\n vFabric Web Server 5.3.4 patch pending \n\n vCHS - DPS-Data Protection 2.0 patch pending \n Service\n\n Table 2\n ========\n Affected clients running a vulnerable version of OpenSSL 0.9.8 \n or 1.0.1 and communicating over an untrusted network. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch \n ============== ======= ======= =============\n vCSA 5.5 patch pending \n vCSA 5.1 patch pending \n vCSA 5.0 patch pending \n\n\n ESXi 5.1 ESXi patch pending \n ESXi 5.0 ESXi patch pending \n\n Workstation 10.0.2 any patch pending \n Workstation 9.0.3 any patch pending \n Fusion 6.x OSX patch pending \n Fusion 5.x OSX patch pending \n Player 10.0.2 any patch pending \n Player 9.0.3 any patch pending \n\n Chargeback Manager 2.5.x patch pending \n\n Horizon Workspace Client for 1.8.1 OSX patch pending \n Mac\n Horizon Workspace Client for 1.5 OSX patch pending \n Mac\n Horizon Workspace Client for 1.8.1 Windows patch pending \n Windows \n Horizon Workspace Client for 1.5 Windows patch pending \n\n OVF Tool 3.5.1 patch pending \n OVF Tool 3.0.1 patch pending \n\n vCenter Operations Manager 5.8.1 patch pending \n\n vCenter Support Assistant 5.5.0 patch pending \n vCenter Support Assistant 5.5.1 patch pending \n \n vCD 5.1.2 patch pending \n vCD 5.1.3 patch pending \n vCD 5.5.1.1 patch pending \n vCenter Site Recovery Manager 5.0.3.1 patch pending \n\n Table 3\n =======\n The following table lists all affected clients running a\n vulnerable version of OpenSSL 0.9.8 or 1.0.1 and communicating\n over an untrusted network. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch \n ============== ======= ======= =============\n vCenter Server 5.5 any patch pending\n vCenter Server 5.1 any patch pending\n vCenter Server 5.0 any patch pending\n\n Update Manager 5.5 Windows patch pending\n Update Manager 5.1 Windows patch pending\n Update Manager 5.0 Windows patch pending \n\n Config Manager (VCM) 5.6 patch pending \n\n Horizon View Client 5.3.1 patch pending \n Horizon View Client 4.x patch pending\n Horizon Workspace 1.8.1 patch pending \n Horizon Workspace 1.5 patch pending \n \n \n ITBM Standard 1.0.1 patch pending \n ITBM Standard 1.0 patch pending \n \n Studio 2.6.0.0 patch pending \n \n Usage Meter 3.3 patch pending \n vCenter Chargeback Manager 2.6 patch pending \n vCenter Converter Standalone 5.5 patch pending \n vCenter Converter Standalone 5.1 patch pending \n vCD (VCHS) 5.6.2 patch pending \n \n vCenter Site Recovery Manager 5.5.1 patch pending \n vCenter Site Recovery Manager 5.1.1 patch pending\n\n vFabric Application Director 5.2.0 patch pending \n vFabric Application Director 5.0.0 patch pending \n View Client 5.3.1 patch pending \n View Client 4.x patch pending\n VIX API 5.5 patch pending \n VIX API 1.12 patch pending \n \n vMA (Management Assistant) 5.1.0.1 patch pending \n \n\n VMware Data Recovery 2.0.3 patch pending \n \n VMware vSphere CLI 5.5 patch pending \n \n vSphere Replication 5.5.1 patch pending \n vSphere Replication 5.6 patch pending \n vSphere SDK for Perl 5.5 patch pending \n vSphere Storage Appliance 5.5.1 patch pending \n vSphere Storage Appliance 5.1.3 patch pending \n vSphere Support Assistant 5.5.1 patch pending \n vSphere Support Assistant 5.5.0 patch pending\n vSphere Virtual Disk 5.5 patch pending \n Development Kit \n vSphere Virtual Disk 5.1 patch pending \n Development Kit\n vSphere Virtual Disk 5.0 patch pending \n Development Kit\n \n 4. Solution\n\n ESXi 5.5\n ----------------------------\n\n Download:\n https://www.vmware.com/patchmgr/download.portal\n\n Release Notes and Remediation Instructions:\n http://kb.vmware.com/kb/2077359\n\n 5. Change Log\n\n 2014-06-10 VMSA-2014-0006\n Initial security advisory in conjunction with the release of\n ESXi 5.5 updates on 2014-06-10\n\n- -----------------------------------------------------------------------\n \n7. Contact\n\n E-mail list for product security notifications and announcements:\n http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\n This Security Advisory is posted to the following lists:\n\n security-announce at lists.vmware.com\n bugtraq at securityfocus.com\n fulldisclosure at seclists.org\n\n E-mail: security at vmware.com\n PGP key at: http://kb.vmware.com/kb/1055\n\n VMware Security Advisories\n http://www.vmware.com/security/advisories\n\n VMware Security Response Policy\n https://www.vmware.com/support/policies/security_response.html\n\n VMware Lifecycle Support Phases\n https://www.vmware.com/support/policies/lifecycle.html\n \n Twitter\n https://twitter.com/VMwareSRC\n\n Copyright 2014 VMware Inc. All rights reserved. OpenSSL\nis a 3rd party product that is embedded with some HP Software products. The impacted products\nappear in the list below are vulnerable due to embedding of OpenSSL standard\nrelease software. \n\nIn addition this update disables ZLIB compress by default. If you need\nto re-enable it for some reason, you can set the environment variable\nOPENSSL_NO_DEFAULT_ZLIB. \n\nThis update also fixes a header declaration which could result in\nbuild failures in applications using OpenSSL. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: openssl security update\nAdvisory ID: RHSA-2014:0679-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2014-0679.html\nIssue date: 2014-06-10\nCVE Names: CVE-2010-5298 CVE-2014-0195 CVE-2014-0198 \n CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 \n=====================================================================\n\n1. Summary:\n\nUpdated openssl packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 7. \n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library. \n\nIt was found that OpenSSL clients and servers could be forced, via a\nspecially crafted handshake packet, to use weak keying material for\ncommunication. A man-in-the-middle attacker could use this flaw to decrypt\nand modify traffic between a client and a server. (CVE-2014-0224)\n\nNote: In order to exploit this flaw, both the server and the client must be\nusing a vulnerable version of OpenSSL; the server must be using OpenSSL\nversion 1.0.1 and above, and the client must be using any version of\nOpenSSL. For more information about this flaw, refer to:\nhttps://access.redhat.com/site/articles/904433\n\nA buffer overflow flaw was found in the way OpenSSL handled invalid DTLS\npacket fragments. (CVE-2014-0195)\n\nMultiple flaws were found in the way OpenSSL handled read and write buffers\nwhen the SSL_MODE_RELEASE_BUFFERS mode was enabled. A TLS/SSL client or\nserver using OpenSSL could crash or unexpectedly drop connections when\nprocessing certain SSL traffic. (CVE-2010-5298, CVE-2014-0198)\n\nA denial of service flaw was found in the way OpenSSL handled certain DTLS\nServerHello requests. A specially crafted DTLS handshake packet could cause\na DTLS client using OpenSSL to crash. (CVE-2014-0221)\n\nA NULL pointer dereference flaw was found in the way OpenSSL performed\nanonymous Elliptic Curve Diffie Hellman (ECDH) key exchange. A specially\ncrafted handshake packet could cause a TLS/SSL client that has the\nanonymous ECDH cipher suite enabled to crash. (CVE-2014-3470)\n\nRed Hat would like to thank the OpenSSL project for reporting these issues. \nUpstream acknowledges KIKUCHI Masashi of Lepidum as the original reporter\nof CVE-2014-0224, J\u00fcri Aedla as the original reporter of CVE-2014-0195,\nImre Rad of Search-Lab as the original reporter of CVE-2014-0221, and Felix\nGr\u00f6bert and Ivan Fratri\u0107 of Google as the original reporters of\nCVE-2014-3470. \n\nAll OpenSSL users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. For the update to take\neffect, all services linked to the OpenSSL library (such as httpd and other\nSSL-enabled services) must be restarted or the system rebooted. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1087195 - CVE-2010-5298 openssl: freelist misuse causing a possible use-after-free\n1093837 - CVE-2014-0198 openssl: SSL_MODE_RELEASE_BUFFERS NULL pointer dereference in do_ssl3_write()\n1103586 - CVE-2014-0224 openssl: SSL/TLS MITM vulnerability\n1103593 - CVE-2014-0221 openssl: DoS when sending invalid DTLS handshake\n1103598 - CVE-2014-0195 openssl: Buffer overflow via DTLS invalid fragment\n1103600 - CVE-2014-3470 openssl: client-side denial of service when using anonymous ECDH\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nopenssl-1.0.1e-34.el7_0.3.src.rpm\n\nx86_64:\nopenssl-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-libs-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-libs-1.0.1e-34.el7_0.3.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-devel-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-devel-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-perl-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-static-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-static-1.0.1e-34.el7_0.3.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nopenssl-1.0.1e-34.el7_0.3.src.rpm\n\nx86_64:\nopenssl-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-libs-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-libs-1.0.1e-34.el7_0.3.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-devel-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-devel-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-perl-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-static-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-static-1.0.1e-34.el7_0.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nopenssl-1.0.1e-34.el7_0.3.src.rpm\n\nppc64:\nopenssl-1.0.1e-34.el7_0.3.ppc64.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.ppc.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.ppc64.rpm\nopenssl-devel-1.0.1e-34.el7_0.3.ppc.rpm\nopenssl-devel-1.0.1e-34.el7_0.3.ppc64.rpm\nopenssl-libs-1.0.1e-34.el7_0.3.ppc.rpm\nopenssl-libs-1.0.1e-34.el7_0.3.ppc64.rpm\n\ns390x:\nopenssl-1.0.1e-34.el7_0.3.s390x.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.s390.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.s390x.rpm\nopenssl-devel-1.0.1e-34.el7_0.3.s390.rpm\nopenssl-devel-1.0.1e-34.el7_0.3.s390x.rpm\nopenssl-libs-1.0.1e-34.el7_0.3.s390.rpm\nopenssl-libs-1.0.1e-34.el7_0.3.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-devel-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-devel-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-libs-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-libs-1.0.1e-34.el7_0.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nopenssl-debuginfo-1.0.1e-34.el7_0.3.ppc.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.ppc64.rpm\nopenssl-perl-1.0.1e-34.el7_0.3.ppc64.rpm\nopenssl-static-1.0.1e-34.el7_0.3.ppc.rpm\nopenssl-static-1.0.1e-34.el7_0.3.ppc64.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-34.el7_0.3.s390.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.s390x.rpm\nopenssl-perl-1.0.1e-34.el7_0.3.s390x.rpm\nopenssl-static-1.0.1e-34.el7_0.3.s390.rpm\nopenssl-static-1.0.1e-34.el7_0.3.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-perl-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-static-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-static-1.0.1e-34.el7_0.3.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nopenssl-1.0.1e-34.el7_0.3.src.rpm\n\nx86_64:\nopenssl-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-devel-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-devel-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-libs-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-libs-1.0.1e-34.el7_0.3.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-perl-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-static-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-static-1.0.1e-34.el7_0.3.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2010-5298.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-0195.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-0198.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-0221.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-0224.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-3470.html\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/site/articles/904433\nhttps://access.redhat.com/site/solutions/905793\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2014 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFTl161XlSAg2UNWIIRAiJlAKCiztPWPTBaVbDSJK/cEtvknFYpTACgur3t\nGHJznx5GNeKZ00848jTZ9hw=\n=48eV\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce. \n\nHP Systems Insight Manager v7.3 Hotfix kit\nHP Systems Insight Manager v7.2 Hotfix kit (The HP Systems Insight Manager\nv7.2 Hotfix kit is currently unavailable, but will be released at a later\ndate. \n\nhttp://h18013.www1.hp.com/products/servers/management/hpsim/download.html\n\nNOTE: No reboot of the system is required after applying the HP SIM Hotfix\nkit",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0195"
},
{
"db": "ZDI",
"id": "ZDI-14-173"
},
{
"db": "BID",
"id": "67900"
},
{
"db": "PACKETSTORM",
"id": "130868"
},
{
"db": "PACKETSTORM",
"id": "127917"
},
{
"db": "PACKETSTORM",
"id": "127386"
},
{
"db": "PACKETSTORM",
"id": "127607"
},
{
"db": "PACKETSTORM",
"id": "127018"
},
{
"db": "PACKETSTORM",
"id": "127923"
},
{
"db": "VULMON",
"id": "CVE-2014-0195"
},
{
"db": "PACKETSTORM",
"id": "126976"
},
{
"db": "PACKETSTORM",
"id": "140720"
},
{
"db": "PACKETSTORM",
"id": "127045"
},
{
"db": "PACKETSTORM",
"id": "127403"
},
{
"db": "PACKETSTORM",
"id": "127123"
},
{
"db": "PACKETSTORM",
"id": "127042"
},
{
"db": "PACKETSTORM",
"id": "126930"
},
{
"db": "PACKETSTORM",
"id": "127608"
}
],
"trust": 3.15
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2014-0195",
"trust": 4.1
},
{
"db": "ZDI",
"id": "ZDI-14-173",
"trust": 2.1
},
{
"db": "BID",
"id": "67900",
"trust": 2.0
},
{
"db": "MCAFEE",
"id": "SB10075",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "59659",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58977",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59310",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59305",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59189",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59721",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59587",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58337",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59491",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59300",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "60571",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59287",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58939",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59162",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58743",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59449",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59364",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59990",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59192",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58945",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59126",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "61254",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59175",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59655",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59451",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59429",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59040",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59306",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59518",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58660",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59530",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59490",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59666",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59514",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59784",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58615",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59188",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59413",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58713",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58883",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58714",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59365",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59441",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59223",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59454",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59450",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59301",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59895",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59342",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59669",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59437",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59528",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1030337",
"trust": 1.7
},
{
"db": "JUNIPER",
"id": "JSA10629",
"trust": 1.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2304",
"trust": 0.7
},
{
"db": "LENOVO",
"id": "LEN-24443",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201406-078",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-17-094-04",
"trust": 0.4
},
{
"db": "DLINK",
"id": "SAP10045",
"trust": 0.3
},
{
"db": "VULMON",
"id": "CVE-2014-0195",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130868",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127917",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127386",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127607",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127018",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127923",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127608",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126976",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "140720",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127045",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127403",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127123",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127042",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126930",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-173"
},
{
"db": "VULMON",
"id": "CVE-2014-0195"
},
{
"db": "BID",
"id": "67900"
},
{
"db": "PACKETSTORM",
"id": "130868"
},
{
"db": "PACKETSTORM",
"id": "127917"
},
{
"db": "PACKETSTORM",
"id": "127386"
},
{
"db": "PACKETSTORM",
"id": "127607"
},
{
"db": "PACKETSTORM",
"id": "127018"
},
{
"db": "PACKETSTORM",
"id": "127923"
},
{
"db": "PACKETSTORM",
"id": "127608"
},
{
"db": "PACKETSTORM",
"id": "126976"
},
{
"db": "PACKETSTORM",
"id": "140720"
},
{
"db": "PACKETSTORM",
"id": "127045"
},
{
"db": "PACKETSTORM",
"id": "127403"
},
{
"db": "PACKETSTORM",
"id": "127123"
},
{
"db": "PACKETSTORM",
"id": "127042"
},
{
"db": "PACKETSTORM",
"id": "126930"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-078"
},
{
"db": "NVD",
"id": "CVE-2014-0195"
}
]
},
"id": "VAR-201406-0137",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4114296536842106
},
"last_update_date": "2026-04-10T22:45:36.536000Z",
"patch": {
"_id": null,
"data": [
{
"title": "OpenSSL has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://www.openssl.org/news/secadv_20140605.txt"
},
{
"title": "openssl-1.0.1h",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51081"
},
{
"title": "openssl-1.0.0m",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51080"
},
{
"title": "openssl-0.9.8za",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51079"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2014/07/25/how_long_is_too_long_to_wait_for_a_security_update/"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2014/06/06/thanks_for_nothing_openssl_cries_stonewalled_de_raadt/"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2014/06/05/openssl_bug_batch/"
},
{
"title": "Red Hat: CVE-2014-0195",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2014-0195"
},
{
"title": "Ubuntu Security Notice: openssl regression",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2232-3"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2232-4"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2232-1"
},
{
"title": "Ubuntu Security Notice: openssl regression",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2232-2"
},
{
"title": "Debian Security Advisories: DSA-2950-1 openssl -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=909292f2afe623fbec51f7ab6b32f790"
},
{
"title": "Debian CVElist Bug Report Logs: openssl: CVE-2014-0224, CVE-2014-0221, CVE-2014-0195, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=07d14df4883f21063a053cea8d2239c6"
},
{
"title": "Amazon Linux AMI: ALAS-2014-349",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2014-349"
},
{
"title": "Symantec Security Advisories: SA80 : OpenSSL Security Advisory 05-Jun-2014",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=dd4667746d163d08265dfdd4c98e4201"
},
{
"title": "Debian CVElist Bug Report Logs: virtualbox: CVE-2014-6588 CVE-2014-6589 CVE-2014-6590 CVE-2014-6595 CVE-2015-0418 CVE-2015-0427",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=eee4d8c3e2b11de5b15ee65d96af6c60"
},
{
"title": "Citrix Security Bulletins: Citrix Security Advisory for OpenSSL Vulnerabilities (June 2014)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=afbd3a710e98424e558b1b21482abad6"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4a692d6d60aa31507cb101702b494c51"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a"
},
{
"title": "CVE-2014-0195",
"trust": 0.1,
"url": "https://github.com/ricedu/CVE-2014-0195 "
},
{
"title": "changelog",
"trust": 0.1,
"url": "https://github.com/securityrouter/changelog "
},
{
"title": "changelog",
"trust": 0.1,
"url": "https://github.com/halon/changelog "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/PotterXma/linux-deployment-standard "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/SF4bin/SEEKER_dataset "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/hrbrmstr/internetdb "
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-173"
},
{
"db": "VULMON",
"id": "CVE-2014-0195"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-078"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0195"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 3.1,
"url": "http://www.openssl.org/news/secadv_20140605.txt"
},
{
"trust": 2.6,
"url": "http://support.citrix.com/article/ctx140876"
},
{
"trust": 2.3,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm"
},
{
"trust": 2.3,
"url": "http://www.vmware.com/security/advisories/vmsa-2014-0012.html"
},
{
"trust": 2.3,
"url": "http://www.vmware.com/security/advisories/vmsa-2014-0006.html"
},
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/67900"
},
{
"trust": 2.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg24037783"
},
{
"trust": 2.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21676793"
},
{
"trust": 2.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21676356"
},
{
"trust": 2.0,
"url": "https://kb.bluecoat.com/index?page=content\u0026id=sa80"
},
{
"trust": 2.0,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20140605-openssl"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676035"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677695"
},
{
"trust": 2.0,
"url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15356.html"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677828"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676062"
},
{
"trust": 2.0,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10075"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676419"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678167"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673137"
},
{
"trust": 2.0,
"url": "http://www.fortiguard.com/advisory/fg-ir-14-018/"
},
{
"trust": 2.0,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095757"
},
{
"trust": 2.0,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095756"
},
{
"trust": 2.0,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095755"
},
{
"trust": 2.0,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095754"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683332"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676879"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676644"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676071"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675821"
},
{
"trust": 2.0,
"url": "http://www.f-secure.com/en/web/labs_global/fsc-2014-6"
},
{
"trust": 2.0,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc"
},
{
"trust": 1.7,
"url": "http://h30499.www3.hp.com/t5/hp-security-research-blog/once-bled-twice-shy-openssl-cve-2014-0195/ba-p/6501048"
},
{
"trust": 1.7,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1103598"
},
{
"trust": 1.7,
"url": "http://h30499.www3.hp.com/t5/hp-security-research-blog/zdi-14-173-cve-2014-0195-openssl-dtls-fragment-out-of-bounds/ba-p/6501002"
},
{
"trust": 1.7,
"url": "http://www.blackberry.com/btsc/kb36051"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59301"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59450"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59491"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59721"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59655"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59659"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678289"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59162"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59528"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58939"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59666"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59587"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59126"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59490"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59514"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677527"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59669"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59413"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58883"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59300"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59895"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59530"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59342"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59451"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58743"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59990"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/60571"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59784"
},
{
"trust": 1.7,
"url": "http://support.apple.com/kb/ht6443"
},
{
"trust": 1.7,
"url": "http://seclists.org/fulldisclosure/2014/dec/23"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:062"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140431828824371\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140499827729550\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140266410314613\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140448122410568\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140491231331543\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140621259019789\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140482916501310\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140389274407904\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140317760000786\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140904544427729\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140389355508263\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140752315422991\u0026w=2"
},
{
"trust": 1.7,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05301946"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html"
},
{
"trust": 1.7,
"url": "https://www.novell.com/support/kb/doc.php?id=7015271"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676889"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020163"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1030337"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2014:106"
},
{
"trust": 1.7,
"url": "http://security.gentoo.org/glsa/glsa-201407-05.xml"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/61254"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59518"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59454"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59449"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59441"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59437"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59429"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59365"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59364"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59310"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59306"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59305"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59287"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59223"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59192"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59189"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59188"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59175"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59040"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58977"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58945"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58714"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58713"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58660"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58615"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58337"
},
{
"trust": 1.7,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-august/136473.html"
},
{
"trust": 1.7,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-august/136470.html"
},
{
"trust": 1.7,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10629"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0195"
},
{
"trust": 1.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0224"
},
{
"trust": 1.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0221"
},
{
"trust": 1.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3470"
},
{
"trust": 1.1,
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3ba=commit%3bh=1632ef744872edc2aa2a53d487d3e79c965a4ad3"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0198"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-5298"
},
{
"trust": 0.6,
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=1632ef744872edc2aa2a53d487d3e79c965a4ad3"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/en/solutions/len-24443"
},
{
"trust": 0.5,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.5,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.5,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0076"
},
{
"trust": 0.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-094-04"
},
{
"trust": 0.4,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05301946"
},
{
"trust": 0.3,
"url": "http://securityadvisories.dlink.com/security/publication.aspx?name=sap10045"
},
{
"trust": 0.3,
"url": "http://www.cerberusftp.com/products/releasenotes.html"
},
{
"trust": 0.3,
"url": "http://googlechromereleases.blogspot.com/2014/06/chrome-for-android-update.html"
},
{
"trust": 0.3,
"url": "http://blogs.citrix.com/2014/06/06/citrix-security-advisory-for-openssl-vulnerabilities-june-2014/"
},
{
"trust": 0.3,
"url": "https://blogs.oracle.com/sunsecurity/entry/cve_2014_0195_buffer_errors"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2014/aug/att-93/esa-2014-079.txt"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678123"
},
{
"trust": 0.3,
"url": "http://www.openssl.org"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100181245"
},
{
"trust": 0.3,
"url": "http://www8.hp.com/us/en/software-solutions/operations-analytics-operations-analysis/"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21686583"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685551"
},
{
"trust": 0.3,
"url": "http://www.marshut.com/ixwnpv/stunnel-5-02-released.html"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100181099"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/mar/84"
},
{
"trust": 0.3,
"url": "http://btsc.webapps.blackberry.com/btsc/viewdocument.do;jsessionid=98ec479ee69ccb916d2ea4b09943faf5?nocount=true\u0026externalid=kb36051\u0026sliceid=1\u0026cmd=\u0026forward=nonthreadedkc\u0026command=show\u0026kcid=kb36051\u0026viewe"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04355095"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04343424"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04345210"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349175"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349789"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349897"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04363613"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04368523"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04378799"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04379485"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04337774"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04336637"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678356"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095940"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21676889"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676673"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676041"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676128"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-14-173/"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=nas8n1020200"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676356"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0625.html"
},
{
"trust": 0.3,
"url": "http://forums.alienvault.com/discussion/3054/security-advisory-alienvault-v4-10-0-addresses-several-vulnerabilities"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-345106.htm"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676793"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1021009"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676840"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=nas8n1020163"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678104"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682023"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682025"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682024"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678289"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=ssg1s1004695"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1020976"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1020952"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1007987"
},
{
"trust": 0.3,
"url": "http://www.ubuntu.com/usn/usn-2232-4/"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/site/articles/904433"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0224"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3470"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3566"
},
{
"trust": 0.2,
"url": "http://h17007.www1.hp.com/us/en/enterprise/servers/solutions/info-library/ind"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0195"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0221"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-5298"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0198"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0224.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/site/articles/11258"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0198.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2010-5298.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2014-3470.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0221.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0195.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/120.html"
},
{
"trust": 0.1,
"url": "https://github.com/ricedu/cve-2014-0195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-0195"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=34546"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2232-3/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3505"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-5139"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3512"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3508"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3510"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3509"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3507"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3506"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0160"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3511"
},
{
"trust": 0.1,
"url": "https://launchpad.net/bugs/1356843"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-2232-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/0.9.8k-7ubuntu8.21"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-2232-4"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_n"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-0076"
},
{
"trust": 0.1,
"url": "http://www.hp.com/jp/icewall_patchaccess"
},
{
"trust": 0.1,
"url": "http://h18013.www1.hp.com/products/servers/management/fpdownload.html"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/advisories/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4618"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2520"
},
{
"trust": 0.1,
"url": "https://support.emc.com/downloads/2732_documentum-server"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2521"
},
{
"trust": 0.1,
"url": "http://h18013.www1.hp.com/products/servers/management/hpsim/download.html"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_n"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_"
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.1,
"url": "https://www.hpe.com/info/report-security-vulnerability"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0705"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.1,
"url": "https://twitter.com/vmwaresrc"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security/advisories"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/2077359"
},
{
"trust": 0.1,
"url": "https://www.vmware.com/support/policies/lifecycle.html"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "https://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "https://www.vmware.com/patchmgr/download.portal"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/km01020441"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/site/solutions/905793"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0679.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/site/solutions/906703"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0628.html"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-173"
},
{
"db": "VULMON",
"id": "CVE-2014-0195"
},
{
"db": "BID",
"id": "67900"
},
{
"db": "PACKETSTORM",
"id": "130868"
},
{
"db": "PACKETSTORM",
"id": "127917"
},
{
"db": "PACKETSTORM",
"id": "127386"
},
{
"db": "PACKETSTORM",
"id": "127607"
},
{
"db": "PACKETSTORM",
"id": "127018"
},
{
"db": "PACKETSTORM",
"id": "127923"
},
{
"db": "PACKETSTORM",
"id": "127608"
},
{
"db": "PACKETSTORM",
"id": "126976"
},
{
"db": "PACKETSTORM",
"id": "140720"
},
{
"db": "PACKETSTORM",
"id": "127045"
},
{
"db": "PACKETSTORM",
"id": "127403"
},
{
"db": "PACKETSTORM",
"id": "127123"
},
{
"db": "PACKETSTORM",
"id": "127042"
},
{
"db": "PACKETSTORM",
"id": "126930"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-078"
},
{
"db": "NVD",
"id": "CVE-2014-0195"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "ZDI",
"id": "ZDI-14-173",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2014-0195",
"ident": null
},
{
"db": "BID",
"id": "67900",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "130868",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "127917",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "127386",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "127607",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "127018",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "127923",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "127608",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "126976",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "140720",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "127045",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "127403",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "127123",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "127042",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "126930",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201406-078",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2014-0195",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2014-06-05T00:00:00",
"db": "ZDI",
"id": "ZDI-14-173",
"ident": null
},
{
"date": "2014-06-05T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0195",
"ident": null
},
{
"date": "2014-06-05T00:00:00",
"db": "BID",
"id": "67900",
"ident": null
},
{
"date": "2015-03-18T00:44:34",
"db": "PACKETSTORM",
"id": "130868",
"ident": null
},
{
"date": "2014-08-18T23:09:13",
"db": "PACKETSTORM",
"id": "127917",
"ident": null
},
{
"date": "2014-07-09T04:03:23",
"db": "PACKETSTORM",
"id": "127386",
"ident": null
},
{
"date": "2014-07-24T23:47:46",
"db": "PACKETSTORM",
"id": "127607",
"ident": null
},
{
"date": "2014-06-10T17:34:04",
"db": "PACKETSTORM",
"id": "127018",
"ident": null
},
{
"date": "2014-08-19T16:52:04",
"db": "PACKETSTORM",
"id": "127923",
"ident": null
},
{
"date": "2014-07-24T23:48:05",
"db": "PACKETSTORM",
"id": "127608",
"ident": null
},
{
"date": "2014-06-06T23:46:36",
"db": "PACKETSTORM",
"id": "126976",
"ident": null
},
{
"date": "2017-01-25T21:54:44",
"db": "PACKETSTORM",
"id": "140720",
"ident": null
},
{
"date": "2014-06-11T23:18:46",
"db": "PACKETSTORM",
"id": "127045",
"ident": null
},
{
"date": "2014-07-09T17:11:19",
"db": "PACKETSTORM",
"id": "127403",
"ident": null
},
{
"date": "2014-06-17T13:28:30",
"db": "PACKETSTORM",
"id": "127123",
"ident": null
},
{
"date": "2014-06-11T00:10:53",
"db": "PACKETSTORM",
"id": "127042",
"ident": null
},
{
"date": "2014-06-05T15:19:35",
"db": "PACKETSTORM",
"id": "126930",
"ident": null
},
{
"date": "2014-06-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201406-078",
"ident": null
},
{
"date": "2014-06-05T21:55:06.147000",
"db": "NVD",
"id": "CVE-2014-0195",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2014-06-05T00:00:00",
"db": "ZDI",
"id": "ZDI-14-173",
"ident": null
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0195",
"ident": null
},
{
"date": "2017-05-23T16:25:00",
"db": "BID",
"id": "67900",
"ident": null
},
{
"date": "2022-07-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201406-078",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2014-0195",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "127018"
},
{
"db": "PACKETSTORM",
"id": "127403"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-078"
}
],
"trust": 0.8
},
"title": {
"_id": null,
"data": "OpenSSL DTLS Fragment Out-Of-Bounds Write Remote Code Execution Vulnerability",
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-173"
}
],
"trust": 0.7
},
"type": {
"_id": null,
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201406-078"
}
],
"trust": 0.6
}
}
VAR-201306-0258
Vulnerability from variot - Updated: 2026-04-10 22:41Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect availability via vectors related to AWT. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue does not "properly manage and restrict certain resources related to the processing of fonts," possibly involving temporary files. The vulnerability can be exploited over multiple protocols. This issue affects the 'CORBA' sub-component. This vulnerability affects the following supported versions: 7 Update 21 , 6 Update 45 , 5.0 Update 45. In a typical operating environment, these are of low security risk as the runtime is not used on untrusted applets. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: java-1.7.0-openjdk security update Advisory ID: RHSA-2013:0957-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0957.html Issue date: 2013-06-19 CVE Names: CVE-2013-1500 CVE-2013-1571 CVE-2013-2407 CVE-2013-2412 CVE-2013-2443 CVE-2013-2444 CVE-2013-2445 CVE-2013-2446 CVE-2013-2447 CVE-2013-2448 CVE-2013-2449 CVE-2013-2450 CVE-2013-2452 CVE-2013-2453 CVE-2013-2454 CVE-2013-2455 CVE-2013-2456 CVE-2013-2457 CVE-2013-2458 CVE-2013-2459 CVE-2013-2460 CVE-2013-2461 CVE-2013-2463 CVE-2013-2465 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473 =====================================================================
- Summary:
Updated java-1.7.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, noarch, x86_64
- Description:
These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit.
Multiple flaws were discovered in the ImagingLib and the image attribute, channel, layout and raster processing in the 2D component. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption. (CVE-2013-2470, CVE-2013-2471, CVE-2013-2472, CVE-2013-2473, CVE-2013-2463, CVE-2013-2465, CVE-2013-2469)
Integer overflow flaws were found in the way AWT processed certain input. An attacker could use these flaws to execute arbitrary code with the privileges of the user running an untrusted Java applet or application. (CVE-2013-2459)
Multiple improper permission check issues were discovered in the Sound, JDBC, Libraries, JMX, and Serviceability components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2013-2448, CVE-2013-2454, CVE-2013-2458, CVE-2013-2457, CVE-2013-2453, CVE-2013-2460)
Multiple flaws in the Serialization, Networking, Libraries and CORBA components can be exploited by an untrusted Java application or applet to gain access to potentially sensitive information. (CVE-2013-2456, CVE-2013-2447, CVE-2013-2455, CVE-2013-2452, CVE-2013-2443, CVE-2013-2446)
It was discovered that the Hotspot component did not properly handle out-of-memory errors. An untrusted Java application or applet could possibly use these flaws to terminate the Java Virtual Machine. (CVE-2013-2445)
It was discovered that the AWT component did not properly manage certain resources and that the ObjectStreamClass of the Serialization component did not properly handle circular references. An untrusted Java application or applet could possibly use these flaws to cause a denial of service. (CVE-2013-2444, CVE-2013-2450)
It was discovered that the Libraries component contained certain errors related to XML security and the class loader. A remote attacker could possibly exploit these flaws to bypass intended security mechanisms or disclose potentially sensitive information and cause a denial of service. (CVE-2013-2407, CVE-2013-2461)
It was discovered that JConsole did not properly inform the user when establishing an SSL connection failed. An attacker could exploit this flaw to gain access to potentially sensitive information. (CVE-2013-2412)
It was discovered that GnomeFileTypeDetector did not check for read permissions when accessing files. An untrusted Java application or applet could possibly use this flaw to disclose potentially sensitive information. (CVE-2013-2449)
It was found that documentation generated by Javadoc was vulnerable to a frame injection attack. If such documentation was accessible over a network, and a remote attacker could trick a user into visiting a specially-crafted URL, it would lead to arbitrary web content being displayed next to the documentation. This could be used to perform a phishing attack by providing frame content that spoofed a login form on the site hosting the vulnerable documentation. (CVE-2013-1571)
It was discovered that the 2D component created shared memory segments with insecure permissions. A local attacker could use this flaw to read or write to the shared memory segment. (CVE-2013-1500)
Red Hat would like to thank Tim Brown for reporting CVE-2013-1500, and US-CERT for reporting CVE-2013-1571. US-CERT acknowledges Oracle as the original reporter of CVE-2013-1571.
Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.
After installing this update, users of icedtea-web must install RHBA-2013:0959 for icedtea-web to continue functioning.
This erratum also upgrades the OpenJDK package to IcedTea7 2.3.10. Refer to the NEWS file, linked to in the References, for further information.
- Solution:
All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258
- Bugs fixed (http://bugzilla.redhat.com/):
973474 - CVE-2013-1571 OpenJDK: Frame injection in generated HTML (Javadoc, 8012375) 975099 - CVE-2013-2470 OpenJDK: ImagingLib byte lookup processing (2D, 8011243) 975102 - CVE-2013-2471 OpenJDK: Incorrect IntegerComponentRaster size checks (2D, 8011248) 975107 - CVE-2013-2472 OpenJDK: Incorrect ShortBandedRaster size checks (2D, 8011253) 975110 - CVE-2013-2473 OpenJDK: Incorrect ByteBandedRaster size checks (2D, 8011257) 975115 - CVE-2013-2463 OpenJDK: Incorrect image attribute verification (2D, 8012438) 975118 - CVE-2013-2465 OpenJDK: Incorrect image channel verification (2D, 8012597) 975120 - CVE-2013-2469 OpenJDK: Incorrect image layout verification (2D, 8012601) 975121 - CVE-2013-2459 OpenJDK: Various AWT integer overflow checks (AWT, 8009071) 975122 - CVE-2013-2460 OpenJDK: tracing insufficient access checks (Serviceability, 8010209) 975124 - CVE-2013-2445 OpenJDK: Better handling of memory allocation errors (Hotspot, 7158805) 975125 - CVE-2013-2448 OpenJDK: Better access restrictions (Sound, 8006328) 975126 - CVE-2013-2461 OpenJDK: Missing check for valid DOMCanonicalizationMethod canonicalization algorithm (Libraries, 8014281) 975127 - CVE-2013-2407 OpenJDK: Integrate Apache Santuario, rework class loader (Libraries, 6741606, 8008744) 975129 - CVE-2013-2454 OpenJDK: SerialJavaObject package restriction (JDBC, 8009554) 975130 - CVE-2013-2458 OpenJDK: Method handles (Libraries, 8009424) 975131 - CVE-2013-2444 OpenJDK: Resource denial of service (AWT, 8001038) 975132 - CVE-2013-2446 OpenJDK: output stream access restrictions (CORBA, 8000642) 975133 - CVE-2013-2457 OpenJDK: Proper class checking (JMX, 8008120) 975134 - CVE-2013-2453 OpenJDK: MBeanServer Introspector package access (JMX, 8008124) 975137 - CVE-2013-2443 OpenJDK: AccessControlContext check order issue (Libraries, 8001330) 975138 - CVE-2013-2452 OpenJDK: Unique VMIDs(Libraries, 8001033) 975139 - CVE-2013-2455 OpenJDK: getEnclosing* checks (Libraries, 8007812) 975140 - CVE-2013-2447 OpenJDK: Prevent revealing the local address (Networking, 8001318) 975141 - CVE-2013-2450 OpenJDK: ObjectStreamClass circular reference denial of service (Serialization, 8000638) 975142 - CVE-2013-2456 OpenJDK: ObjectOutputStream access checks (Serialization, 8008132) 975144 - CVE-2013-2412 OpenJDK: JConsole SSL support (Serviceability, 8003703) 975145 - CVE-2013-2449 OpenJDK: GnomeFileTypeDetector path access check(Libraries, 8004288) 975148 - CVE-2013-1500 OpenJDK: Insecure shared memory permissions (2D, 8001034)
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.src.rpm
i386: java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.i686.rpm
x86_64: java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.src.rpm
i386: java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-demo-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-devel-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-src-1.7.0.25-2.3.10.3.el6_4.i686.rpm
noarch: java-1.7.0-openjdk-javadoc-1.7.0.25-2.3.10.3.el6_4.noarch.rpm
x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.src.rpm
x86_64: java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.src.rpm
noarch: java-1.7.0-openjdk-javadoc-1.7.0.25-2.3.10.3.el6_4.noarch.rpm
x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.src.rpm
i386: java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-devel-1.7.0.25-2.3.10.3.el6_4.i686.rpm
x86_64: java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.src.rpm
i386: java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-demo-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-src-1.7.0.25-2.3.10.3.el6_4.i686.rpm
noarch: java-1.7.0-openjdk-javadoc-1.7.0.25-2.3.10.3.el6_4.noarch.rpm
x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.src.rpm
i386: java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-devel-1.7.0.25-2.3.10.3.el6_4.i686.rpm
x86_64: java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.src.rpm
i386: java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-demo-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-src-1.7.0.25-2.3.10.3.el6_4.i686.rpm
noarch: java-1.7.0-openjdk-javadoc-1.7.0.25-2.3.10.3.el6_4.noarch.rpm
x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2013-1500.html https://www.redhat.com/security/data/cve/CVE-2013-1571.html https://www.redhat.com/security/data/cve/CVE-2013-2407.html https://www.redhat.com/security/data/cve/CVE-2013-2412.html https://www.redhat.com/security/data/cve/CVE-2013-2443.html https://www.redhat.com/security/data/cve/CVE-2013-2444.html https://www.redhat.com/security/data/cve/CVE-2013-2445.html https://www.redhat.com/security/data/cve/CVE-2013-2446.html https://www.redhat.com/security/data/cve/CVE-2013-2447.html https://www.redhat.com/security/data/cve/CVE-2013-2448.html https://www.redhat.com/security/data/cve/CVE-2013-2449.html https://www.redhat.com/security/data/cve/CVE-2013-2450.html https://www.redhat.com/security/data/cve/CVE-2013-2452.html https://www.redhat.com/security/data/cve/CVE-2013-2453.html https://www.redhat.com/security/data/cve/CVE-2013-2454.html https://www.redhat.com/security/data/cve/CVE-2013-2455.html https://www.redhat.com/security/data/cve/CVE-2013-2456.html https://www.redhat.com/security/data/cve/CVE-2013-2457.html https://www.redhat.com/security/data/cve/CVE-2013-2458.html https://www.redhat.com/security/data/cve/CVE-2013-2459.html https://www.redhat.com/security/data/cve/CVE-2013-2460.html https://www.redhat.com/security/data/cve/CVE-2013-2461.html https://www.redhat.com/security/data/cve/CVE-2013-2463.html https://www.redhat.com/security/data/cve/CVE-2013-2465.html https://www.redhat.com/security/data/cve/CVE-2013-2469.html https://www.redhat.com/security/data/cve/CVE-2013-2470.html https://www.redhat.com/security/data/cve/CVE-2013-2471.html https://www.redhat.com/security/data/cve/CVE-2013-2472.html https://www.redhat.com/security/data/cve/CVE-2013-2473.html https://access.redhat.com/security/updates/classification/#critical http://icedtea.classpath.org/hg/release/icedtea7-2.3/file/icedtea-2.3.10/NEWS https://rhn.redhat.com/errata/RHBA-2013-0959.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFRwkhZXlSAg2UNWIIRAq8SAJ9tsW9PY39Aa6lmSLhOhlUi8hrnugCePCKO NAdLLpJKlVulPXKONu/CudU= =+H1U -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c03868911
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c03868911 Version: 1
HPSBUX02907 rev.1 - HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2013-07-31 Last Updated: 2013-07-31
Potential Security Impact: Remote unauthorized access, disclosure of information, and other vulnerabilities
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. HP-UX B.11.23, and B.11.31 running HP JDK and JRE v7.0.06 and earlier
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2013-1571 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2013-2400 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-2407 (AV:N/AC:L/Au:N/C:P/I:N/A:P) 6.4 CVE-2013-2412 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-2437 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-2442 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2013-2443 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-2444 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2013-2445 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2013-2446 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-2447 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-2448 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2013-2449 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2013-2450 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2013-2452 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-2453 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-2454 (AV:N/AC:M/Au:N/C:P/I:P/A:N) 5.8 CVE-2013-2455 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-2456 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-2457 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-2458 (AV:N/AC:M/Au:N/C:P/I:P/A:N) 5.8 CVE-2013-2459 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2460 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2013-2461 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2013-2462 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2013-2463 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2464 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2465 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2466 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2467 (AV:L/AC:M/Au:N/C:C/I:C/A:C) 6.9 CVE-2013-2468 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2469 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2470 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2471 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2472 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2473 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-3743 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2013-3744 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following Java version upgrade to resolve these vulnerabilities.
The upgrade is available from the following location: http://www.hp.com/java
OS Version Release Version
HP-UX B.11.23, B.11.31 JDK and JRE v7.0.07 or subsequent
MANUAL ACTIONS: Yes - Update For Java v7.0 update to Java v7.0.07 or subsequent
PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
HP-UX B.11.23 HP-UX B.11.31 =========== Jdk70.JDK70-COM Jdk70.JDK70-DEMO Jdk70.JDK70-IPF32 Jdk70.JDK70-IPF64 Jre70.JRE70-COM Jre70.JRE70-IPF32 Jre70.JRE70-IPF32-HS Jre70.JRE70-IPF64 Jre70.JRE70-IPF64-HS action: install revision 1.7.0.07.00 or subsequent
END AFFECTED VERSIONS
HISTORY Version:1 (rev.1) - 31 July 2013 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2013 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "javafx",
"scope": "lte",
"trust": 1.8,
"vendor": "oracle",
"version": "2.2.21"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.6.0"
},
{
"_id": null,
"model": "javafx",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "2.2"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1.6.0"
},
{
"_id": null,
"model": "jdk",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.5.0"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.5.0"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "jdk",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1.5.0"
},
{
"_id": null,
"model": "javafx",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "2.1"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.6.0"
},
{
"_id": null,
"model": "javafx",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "2.0.2"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.6.0"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.6.0"
},
{
"_id": null,
"model": "jdk",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1.6.0"
},
{
"_id": null,
"model": "javafx",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "2.2.7"
},
{
"_id": null,
"model": "javafx",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "2.0.3"
},
{
"_id": null,
"model": "javafx",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "2.2.5"
},
{
"_id": null,
"model": "javafx",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "2.0"
},
{
"_id": null,
"model": "javafx",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "2.2.3"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "javafx",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "2.2.4"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1.5.0"
},
{
"_id": null,
"model": "jre 17",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 22",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 18",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 16",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 15",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.7"
},
{
"_id": null,
"model": "jre 1.6.0 21",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 19",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 18",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 15",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 14",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 11",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 03",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 02",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 01",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 35",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 33",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 32",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 31",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 30",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 29",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 28",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 27",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 26",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 25",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 23",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 20",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 17",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 14",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 13",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 12",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 11",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 10",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 17",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 0 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 22",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 18",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 17",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 15",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk .0 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 1.6.0 21",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 20",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 19",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 18",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 15",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 03",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 02",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 35",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 33",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 32",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 31",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 30",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 29",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 28",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 27",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 26",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 25",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 24",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 23",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 20",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 16",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 13",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 9",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 8",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 17",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 13",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 11",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 10",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 43",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 39",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 38",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 41",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 39",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 45",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 7",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 4",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 2",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 35",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 32",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 30",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 28",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 27",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 26",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 25",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 24",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 23",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 22",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 38",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 36",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 9",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 8",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 21",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 13",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 12",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 11",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 10",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 45",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 43",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 39",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 45",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 39",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 37",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 0.9,
"vendor": "oracle",
"version": "1.7"
},
{
"_id": null,
"model": "jdk 1.7.0 7",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 4",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 2",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 38",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 35",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 32",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 30",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 28",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 27",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 26",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 25",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 24",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 23",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 22",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 38",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 36",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6.8"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.7 and later"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.8 and later"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6.8"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.7 and later"
},
{
"_id": null,
"model": "jdk",
"scope": "lte",
"trust": 0.8,
"vendor": "oracle",
"version": "5.0 update 45"
},
{
"_id": null,
"model": "jdk",
"scope": "lte",
"trust": 0.8,
"vendor": "oracle",
"version": "6 update 45"
},
{
"_id": null,
"model": "jdk",
"scope": "lte",
"trust": 0.8,
"vendor": "oracle",
"version": "7 update 21"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 0.8,
"vendor": "oracle",
"version": "5.0 update 45"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 0.8,
"vendor": "oracle",
"version": "6 update 45"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 0.8,
"vendor": "oracle",
"version": "7 update 21"
},
{
"_id": null,
"model": "jdk",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "5.0 update 33"
},
{
"_id": null,
"model": "jdk",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "6 update 21"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "5.0 update 33"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "6 update 21"
},
{
"_id": null,
"model": "cosminexus application server enterprise",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"_id": null,
"model": "cosminexus application server standard",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"_id": null,
"model": "cosminexus application server version 5",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus client",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"_id": null,
"model": "cosminexus developer light version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus developer professional version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus developer standard version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus developer version 5",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus developer\u0027s kit for java",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus primary server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "base"
},
{
"_id": null,
"model": "cosminexus server - standard edition version 4",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus server - web edition version 4",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus studio",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- standard edition version 4"
},
{
"_id": null,
"model": "cosminexus studio",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- web edition version 4"
},
{
"_id": null,
"model": "cosminexus studio",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 5"
},
{
"_id": null,
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "-r"
},
{
"_id": null,
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "express"
},
{
"_id": null,
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "light"
},
{
"_id": null,
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "standard-r"
},
{
"_id": null,
"model": "ucosminexus application server enterprise",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server smart edition",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server standard",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus client",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"_id": null,
"model": "ucosminexus client",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "for plug-in"
},
{
"_id": null,
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "01"
},
{
"_id": null,
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional"
},
{
"_id": null,
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional for plug-in"
},
{
"_id": null,
"model": "ucosminexus developer light",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus developer standard",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus operator",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus primary server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "base"
},
{
"_id": null,
"model": "ucosminexus server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "standard-r"
},
{
"_id": null,
"model": "ucosminexus service architect",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"_id": null,
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- messaging"
},
{
"_id": null,
"model": "jre 1.6.0 20",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 2",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0.0 09",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0.0 08",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0.0 07",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk .0 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk .0 03",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 1.6.0 01",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 12",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0.0 12",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0.0 11",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0.0 09",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0.0 08",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 01-b06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 11-b03",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 07-b03",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 1.7.0 12",
"scope": null,
"trust": 0.6,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 45",
"scope": null,
"trust": 0.6,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 21",
"scope": null,
"trust": 0.6,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 17",
"scope": null,
"trust": 0.6,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 41",
"scope": null,
"trust": 0.6,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "freeflow print server 93.e0.21c",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"_id": null,
"model": "freeflow print server 91.d2.32",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"_id": null,
"model": "freeflow print server 82.d1.44",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"_id": null,
"model": "freeflow print server 81.d0.73",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"_id": null,
"model": "freeflow print server 73.d2.33",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"_id": null,
"model": "freeflow print server 73.c5.11",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"_id": null,
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "linux enterprise software development kit sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "linux enterprise server sp3 for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "linux enterprise server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "linux enterprise server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "linux enterprise server sp3 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "linux enterprise java sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "linux enterprise java sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "linux enterprise desktop sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "jre 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre beta",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "jre 1.5.0 09",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 08",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 01-b06",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 11-b03",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 07-b03",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0.0 06",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 0 09",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 0 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 1.5.0 11",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 1.5.0.0 04",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0.0 03",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "trio tview software",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "3.27.0"
},
{
"_id": null,
"model": "suse core for",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9x86"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.4"
},
{
"_id": null,
"model": "core",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"_id": null,
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6)5.5"
},
{
"_id": null,
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5)5.5"
},
{
"_id": null,
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux workstation optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux server optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux server eus 6.5.z",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6.5"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux hpc node supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux hpc node optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "enterprise linux desktop optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"_id": null,
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1x8664"
},
{
"_id": null,
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1"
},
{
"_id": null,
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"_id": null,
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"_id": null,
"model": "websphere real time sr4-fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"_id": null,
"model": "websphere real time",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "websphere operational decision management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.0"
},
{
"_id": null,
"model": "websphere message broker",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "websphere ilog jrules",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "virtualization engine ts7700",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "tivoli system automation for integrated operations management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1"
},
{
"_id": null,
"model": "tivoli system automation for integrated operations management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "tivoli provisioning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"_id": null,
"model": "tivoli monitoring",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3"
},
{
"_id": null,
"model": "tivoli monitoring fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.33"
},
{
"_id": null,
"model": "tivoli monitoring",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.32"
},
{
"_id": null,
"model": "tivoli monitoring",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.3"
},
{
"_id": null,
"model": "tivoli monitoring",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.29"
},
{
"_id": null,
"model": "tivoli monitoring",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.2"
},
{
"_id": null,
"model": "tivoli monitoring fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.104"
},
{
"_id": null,
"model": "tivoli monitoring",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.1"
},
{
"_id": null,
"model": "tivoli monitoring fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.203"
},
{
"_id": null,
"model": "tivoli monitoring",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2"
},
{
"_id": null,
"model": "tivoli monitoring",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.1"
},
{
"_id": null,
"model": "tivoli monitoring",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.3.1"
},
{
"_id": null,
"model": "tivoli monitoring fp6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.2"
},
{
"_id": null,
"model": "tivoli monitoring fixpack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.24"
},
{
"_id": null,
"model": "tivoli endpoint manager for remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.1"
},
{
"_id": null,
"model": "tivoli endpoint manager for remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.1"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.2"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.1"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.2"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.1"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0"
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.2"
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.13"
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.12"
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.11"
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1"
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1.5"
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1.4"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "56009.7"
},
{
"_id": null,
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.4"
},
{
"_id": null,
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.2"
},
{
"_id": null,
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1"
},
{
"_id": null,
"model": "os/400 v6r1m0",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "os/400 v5r4m0",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "operational decision manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "operational decision manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.8"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.7"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.6"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.5"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.4"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.3"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.2"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.1"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.3"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2.3"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2.2"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2.1"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.5"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.4"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.3"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.2"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.1"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2.6"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2.5"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2.4"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2.3"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2.2"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2.1"
},
{
"_id": null,
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.4"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.3"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.1"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.1"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2.4"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2.3"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2.2"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2.1"
},
{
"_id": null,
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "java se",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.2"
},
{
"_id": null,
"model": "java se",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7"
},
{
"_id": null,
"model": "java se",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6"
},
{
"_id": null,
"model": "java se",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "java sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.2"
},
{
"_id": null,
"model": "java sdk sr4-fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7"
},
{
"_id": null,
"model": "java sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7"
},
{
"_id": null,
"model": "java sdk sr5-fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"_id": null,
"model": "java sdk sr13-fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6"
},
{
"_id": null,
"model": "java sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6"
},
{
"_id": null,
"model": "java sdk sr16-fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "java sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5"
},
{
"_id": null,
"model": "java sdk sr13-fp17",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.2"
},
{
"_id": null,
"model": "integration bus",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.0"
},
{
"_id": null,
"model": "i v5r4",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "flex system manager types",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "87341.3"
},
{
"_id": null,
"model": "flex system manager types",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "87341.1.0"
},
{
"_id": null,
"model": "flex system manager types",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "87311.3"
},
{
"_id": null,
"model": "flex system manager types",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "87311.1.0"
},
{
"_id": null,
"model": "flex system manager types",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79551.3"
},
{
"_id": null,
"model": "flex system manager types",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79551.1.0"
},
{
"_id": null,
"model": "cloudburst",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1"
},
{
"_id": null,
"model": "cloudburst",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "cloudburst",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2"
},
{
"_id": null,
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "8"
},
{
"_id": null,
"model": "ucosminexus service architect",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "8"
},
{
"_id": null,
"model": "ucosminexus operator",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "8"
},
{
"_id": null,
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"_id": null,
"model": "ucosminexus client",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "8"
},
{
"_id": null,
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"_id": null,
"model": "cosminexus studio",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5"
},
{
"_id": null,
"model": "cosminexus studio",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "4.0"
},
{
"_id": null,
"model": "cosminexus server web edition",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-4"
},
{
"_id": null,
"model": "cosminexus server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-4"
},
{
"_id": null,
"model": "cosminexus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.0"
},
{
"_id": null,
"model": "cosminexus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5"
},
{
"_id": null,
"model": "cosminexus client",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"_id": null,
"model": "cosminexus application server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.0"
},
{
"_id": null,
"model": "cosminexus application server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5.0"
},
{
"_id": null,
"model": "cosminexus",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "9.0"
},
{
"_id": null,
"model": "cosminexus",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "8.0"
},
{
"_id": null,
"model": "cosminexus",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0"
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "5"
},
{
"_id": null,
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.3"
},
{
"_id": null,
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.2"
},
{
"_id": null,
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.1"
},
{
"_id": null,
"model": "voice portal sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "voice portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "voice portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "messaging application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.0"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "ir",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"_id": null,
"model": "conferencing standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "conferencing standard edition sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "conferencing standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "cms r17",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "cms r16.3",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "cms r16",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "cms r15",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "call management system r17.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1.0.9"
},
{
"_id": null,
"model": "aura system platform sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.9.3"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.8.3"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.0.3"
},
{
"_id": null,
"model": "aura system platform sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura system platform sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "aura system manager sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.5"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "aura system manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"_id": null,
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.5"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"_id": null,
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "aura presence services sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "aura experience portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura experience portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura conferencing",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "aura conferencing standard",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura conferencing sp1 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.5.0.15"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.4.0.15"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53003.0"
},
{
"_id": null,
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.4"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.3"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.5"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.6"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.4"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.3"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.7"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.4"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.6"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.3"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.4"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.3"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.7"
},
{
"_id": null,
"model": "trio tview software",
"scope": "ne",
"trust": 0.3,
"vendor": "schneider electric",
"version": "3.29.0"
},
{
"_id": null,
"model": "websphere real time sr5",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"_id": null,
"model": "websphere message broker",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.12"
},
{
"_id": null,
"model": "virtualization engine ts7700",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.31.0.89"
},
{
"_id": null,
"model": "tivoli system automation for integrated operations management",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1.5"
},
{
"_id": null,
"model": "lotus notes fix pack",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.35"
},
{
"_id": null,
"model": "lotus domino fix pack",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.35"
},
{
"_id": null,
"model": "java sdk sr5",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7"
},
{
"_id": null,
"model": "java sdk sr6",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"_id": null,
"model": "java sdk sr14",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6"
},
{
"_id": null,
"model": "java sdk sr16-fp3",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "java sdk sr13-fp18",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.2"
},
{
"_id": null,
"model": "integration bus",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.1"
}
],
"sources": [
{
"db": "BID",
"id": "60633"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003041"
},
{
"db": "NVD",
"id": "CVE-2013-2444"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:javafx",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:jdk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:jre",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:sun:jdk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:sun:jre",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_application_server_enterprise",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_application_server_standard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_application_server_version_5",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_client",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developer_light_version_6",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developer_professional_version_6",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developer_standard_version_6",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developer_version_5",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developers_kit_for_java",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_primary_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_server_-_standard_edition_version_4",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_server_-_web_edition_version_4",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_studio",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server_enterprise",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server_smart_edition",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server_standard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_client",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_developer",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_developer_light",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_developer_standard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_operator",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_primary_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_service_architect",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_service_platform",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-003041"
}
]
},
"credits": {
"_id": null,
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "123734"
},
{
"db": "PACKETSTORM",
"id": "122405"
},
{
"db": "PACKETSTORM",
"id": "122441"
},
{
"db": "PACKETSTORM",
"id": "126195"
},
{
"db": "PACKETSTORM",
"id": "122109"
},
{
"db": "PACKETSTORM",
"id": "122084"
}
],
"trust": 0.6
},
"cve": "CVE-2013-2444",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2013-2444",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-2444",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2013-2444",
"trust": 0.8,
"value": "Medium"
},
{
"author": "VULMON",
"id": "CVE-2013-2444",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2013-2444"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003041"
},
{
"db": "NVD",
"id": "CVE-2013-2444"
}
]
},
"description": {
"_id": null,
"data": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect availability via vectors related to AWT. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue does not \"properly manage and restrict certain resources related to the processing of fonts,\" possibly involving temporary files. \nThe vulnerability can be exploited over multiple protocols. This issue affects the \u0027CORBA\u0027 sub-component. \nThis vulnerability affects the following supported versions:\n7 Update 21 , 6 Update 45 , 5.0 Update 45. In a typical operating environment, these are of low security risk as\nthe runtime is not used on untrusted applets. Further\ninformation about these flaws can be found on the Oracle Java SE Critical\nPatch Update Advisory page, listed in the References section. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: java-1.7.0-openjdk security update\nAdvisory ID: RHSA-2013:0957-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2013-0957.html\nIssue date: 2013-06-19\nCVE Names: CVE-2013-1500 CVE-2013-1571 CVE-2013-2407 \n CVE-2013-2412 CVE-2013-2443 CVE-2013-2444 \n CVE-2013-2445 CVE-2013-2446 CVE-2013-2447 \n CVE-2013-2448 CVE-2013-2449 CVE-2013-2450 \n CVE-2013-2452 CVE-2013-2453 CVE-2013-2454 \n CVE-2013-2455 CVE-2013-2456 CVE-2013-2457 \n CVE-2013-2458 CVE-2013-2459 CVE-2013-2460 \n CVE-2013-2461 CVE-2013-2463 CVE-2013-2465 \n CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 \n CVE-2013-2472 CVE-2013-2473 \n=====================================================================\n\n1. Summary:\n\nUpdated java-1.7.0-openjdk packages that fix various security issues are\nnow available for Red Hat Enterprise Linux 6. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - noarch, x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, noarch, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, noarch, x86_64\n\n3. Description:\n\nThese packages provide the OpenJDK 7 Java Runtime Environment and the\nOpenJDK 7 Software Development Kit. \n\nMultiple flaws were discovered in the ImagingLib and the image attribute,\nchannel, layout and raster processing in the 2D component. An untrusted\nJava application or applet could possibly use these flaws to trigger Java\nVirtual Machine memory corruption. (CVE-2013-2470, CVE-2013-2471,\nCVE-2013-2472, CVE-2013-2473, CVE-2013-2463, CVE-2013-2465, CVE-2013-2469)\n\nInteger overflow flaws were found in the way AWT processed certain input. \nAn attacker could use these flaws to execute arbitrary code with the\nprivileges of the user running an untrusted Java applet or application. \n(CVE-2013-2459)\n\nMultiple improper permission check issues were discovered in the Sound,\nJDBC, Libraries, JMX, and Serviceability components in OpenJDK. An\nuntrusted Java application or applet could use these flaws to bypass Java\nsandbox restrictions. (CVE-2013-2448, CVE-2013-2454, CVE-2013-2458,\nCVE-2013-2457, CVE-2013-2453, CVE-2013-2460)\n\nMultiple flaws in the Serialization, Networking, Libraries and CORBA\ncomponents can be exploited by an untrusted Java application or applet to\ngain access to potentially sensitive information. (CVE-2013-2456,\nCVE-2013-2447, CVE-2013-2455, CVE-2013-2452, CVE-2013-2443, CVE-2013-2446)\n\nIt was discovered that the Hotspot component did not properly handle\nout-of-memory errors. An untrusted Java application or applet could\npossibly use these flaws to terminate the Java Virtual Machine. \n(CVE-2013-2445)\n\nIt was discovered that the AWT component did not properly manage certain\nresources and that the ObjectStreamClass of the Serialization component\ndid not properly handle circular references. An untrusted Java application\nor applet could possibly use these flaws to cause a denial of service. \n(CVE-2013-2444, CVE-2013-2450)\n\nIt was discovered that the Libraries component contained certain errors\nrelated to XML security and the class loader. A remote attacker could\npossibly exploit these flaws to bypass intended security mechanisms or\ndisclose potentially sensitive information and cause a denial of service. \n(CVE-2013-2407, CVE-2013-2461)\n\nIt was discovered that JConsole did not properly inform the user when\nestablishing an SSL connection failed. An attacker could exploit this flaw\nto gain access to potentially sensitive information. (CVE-2013-2412)\n\nIt was discovered that GnomeFileTypeDetector did not check for read\npermissions when accessing files. An untrusted Java application or applet\ncould possibly use this flaw to disclose potentially sensitive information. \n(CVE-2013-2449)\n\nIt was found that documentation generated by Javadoc was vulnerable to a\nframe injection attack. If such documentation was accessible over a\nnetwork, and a remote attacker could trick a user into visiting a\nspecially-crafted URL, it would lead to arbitrary web content being\ndisplayed next to the documentation. This could be used to perform a\nphishing attack by providing frame content that spoofed a login form on\nthe site hosting the vulnerable documentation. (CVE-2013-1571)\n\nIt was discovered that the 2D component created shared memory segments with\ninsecure permissions. A local attacker could use this flaw to read or write\nto the shared memory segment. (CVE-2013-1500)\n\nRed Hat would like to thank Tim Brown for reporting CVE-2013-1500, and\nUS-CERT for reporting CVE-2013-1571. US-CERT acknowledges Oracle as the\noriginal reporter of CVE-2013-1571. \n\nNote: If the web browser plug-in provided by the icedtea-web package was\ninstalled, the issues exposed via Java applets could have been exploited\nwithout user interaction if a user visited a malicious website. \n\nAfter installing this update, users of icedtea-web must install\nRHBA-2013:0959 for icedtea-web to continue functioning. \n\nThis erratum also upgrades the OpenJDK package to IcedTea7 2.3.10. Refer to\nthe NEWS file, linked to in the References, for further information. \n\n4. Solution:\n\nAll users of java-1.7.0-openjdk are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK Java\nmust be restarted for the update to take effect. \n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n973474 - CVE-2013-1571 OpenJDK: Frame injection in generated HTML (Javadoc, 8012375)\n975099 - CVE-2013-2470 OpenJDK: ImagingLib byte lookup processing (2D, 8011243)\n975102 - CVE-2013-2471 OpenJDK: Incorrect IntegerComponentRaster size checks (2D, 8011248)\n975107 - CVE-2013-2472 OpenJDK: Incorrect ShortBandedRaster size checks (2D, 8011253)\n975110 - CVE-2013-2473 OpenJDK: Incorrect ByteBandedRaster size checks (2D, 8011257)\n975115 - CVE-2013-2463 OpenJDK: Incorrect image attribute verification (2D, 8012438)\n975118 - CVE-2013-2465 OpenJDK: Incorrect image channel verification (2D, 8012597)\n975120 - CVE-2013-2469 OpenJDK: Incorrect image layout verification (2D, 8012601)\n975121 - CVE-2013-2459 OpenJDK: Various AWT integer overflow checks (AWT, 8009071)\n975122 - CVE-2013-2460 OpenJDK: tracing insufficient access checks (Serviceability, 8010209)\n975124 - CVE-2013-2445 OpenJDK: Better handling of memory allocation errors (Hotspot, 7158805)\n975125 - CVE-2013-2448 OpenJDK: Better access restrictions (Sound, 8006328)\n975126 - CVE-2013-2461 OpenJDK: Missing check for valid DOMCanonicalizationMethod canonicalization algorithm (Libraries, 8014281)\n975127 - CVE-2013-2407 OpenJDK: Integrate Apache Santuario, rework class loader (Libraries, 6741606, 8008744)\n975129 - CVE-2013-2454 OpenJDK: SerialJavaObject package restriction (JDBC, 8009554)\n975130 - CVE-2013-2458 OpenJDK: Method handles (Libraries, 8009424)\n975131 - CVE-2013-2444 OpenJDK: Resource denial of service (AWT, 8001038)\n975132 - CVE-2013-2446 OpenJDK: output stream access restrictions (CORBA, 8000642)\n975133 - CVE-2013-2457 OpenJDK: Proper class checking (JMX, 8008120)\n975134 - CVE-2013-2453 OpenJDK: MBeanServer Introspector package access (JMX, 8008124)\n975137 - CVE-2013-2443 OpenJDK: AccessControlContext check order issue (Libraries, 8001330)\n975138 - CVE-2013-2452 OpenJDK: Unique VMIDs(Libraries, 8001033)\n975139 - CVE-2013-2455 OpenJDK: getEnclosing* checks (Libraries, 8007812)\n975140 - CVE-2013-2447 OpenJDK: Prevent revealing the local address (Networking, 8001318)\n975141 - CVE-2013-2450 OpenJDK: ObjectStreamClass circular reference denial of service (Serialization, 8000638)\n975142 - CVE-2013-2456 OpenJDK: ObjectOutputStream access checks (Serialization, 8008132)\n975144 - CVE-2013-2412 OpenJDK: JConsole SSL support (Serviceability, 8003703)\n975145 - CVE-2013-2449 OpenJDK: GnomeFileTypeDetector path access check(Libraries, 8004288)\n975148 - CVE-2013-1500 OpenJDK: Insecure shared memory permissions (2D, 8001034)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.src.rpm\n\ni386:\njava-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.i686.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.i686.rpm\n\nx86_64:\njava-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.src.rpm\n\ni386:\njava-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.i686.rpm\njava-1.7.0-openjdk-demo-1.7.0.25-2.3.10.3.el6_4.i686.rpm\njava-1.7.0-openjdk-devel-1.7.0.25-2.3.10.3.el6_4.i686.rpm\njava-1.7.0-openjdk-src-1.7.0.25-2.3.10.3.el6_4.i686.rpm\n\nnoarch:\njava-1.7.0-openjdk-javadoc-1.7.0.25-2.3.10.3.el6_4.noarch.rpm\n\nx86_64:\njava-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm\njava-1.7.0-openjdk-demo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm\njava-1.7.0-openjdk-devel-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm\njava-1.7.0-openjdk-src-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.src.rpm\n\nx86_64:\njava-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.src.rpm\n\nnoarch:\njava-1.7.0-openjdk-javadoc-1.7.0.25-2.3.10.3.el6_4.noarch.rpm\n\nx86_64:\njava-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm\njava-1.7.0-openjdk-demo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm\njava-1.7.0-openjdk-devel-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm\njava-1.7.0-openjdk-src-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.src.rpm\n\ni386:\njava-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.i686.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.i686.rpm\njava-1.7.0-openjdk-devel-1.7.0.25-2.3.10.3.el6_4.i686.rpm\n\nx86_64:\njava-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm\njava-1.7.0-openjdk-devel-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.src.rpm\n\ni386:\njava-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.i686.rpm\njava-1.7.0-openjdk-demo-1.7.0.25-2.3.10.3.el6_4.i686.rpm\njava-1.7.0-openjdk-src-1.7.0.25-2.3.10.3.el6_4.i686.rpm\n\nnoarch:\njava-1.7.0-openjdk-javadoc-1.7.0.25-2.3.10.3.el6_4.noarch.rpm\n\nx86_64:\njava-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm\njava-1.7.0-openjdk-demo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm\njava-1.7.0-openjdk-src-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.src.rpm\n\ni386:\njava-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.i686.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.i686.rpm\njava-1.7.0-openjdk-devel-1.7.0.25-2.3.10.3.el6_4.i686.rpm\n\nx86_64:\njava-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm\njava-1.7.0-openjdk-devel-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.src.rpm\n\ni386:\njava-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.i686.rpm\njava-1.7.0-openjdk-demo-1.7.0.25-2.3.10.3.el6_4.i686.rpm\njava-1.7.0-openjdk-src-1.7.0.25-2.3.10.3.el6_4.i686.rpm\n\nnoarch:\njava-1.7.0-openjdk-javadoc-1.7.0.25-2.3.10.3.el6_4.noarch.rpm\n\nx86_64:\njava-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm\njava-1.7.0-openjdk-demo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm\njava-1.7.0-openjdk-src-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2013-1500.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1571.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2407.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2412.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2443.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2444.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2445.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2446.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2447.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2448.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2449.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2450.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2452.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2453.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2454.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2455.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2456.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2457.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2458.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2459.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2460.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2461.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2463.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2465.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2469.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2470.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2471.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2472.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2473.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://icedtea.classpath.org/hg/release/icedtea7-2.3/file/icedtea-2.3.10/NEWS\nhttps://rhn.redhat.com/errata/RHBA-2013-0959.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2013 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFRwkhZXlSAg2UNWIIRAq8SAJ9tsW9PY39Aa6lmSLhOhlUi8hrnugCePCKO\nNAdLLpJKlVulPXKONu/CudU=\n=+H1U\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c03868911\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c03868911\nVersion: 1\n\nHPSBUX02907 rev.1 - HP-UX Running Java7, Remote Unauthorized Access,\nDisclosure of Information, and Other Vulnerabilities\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2013-07-31\nLast Updated: 2013-07-31\n\nPotential Security Impact: Remote unauthorized access, disclosure of\ninformation, and other vulnerabilities\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified in Java Runtime\nEnvironment (JRE) and Java Developer Kit (JDK) running on HP-UX. \nHP-UX B.11.23, and B.11.31 running HP JDK and JRE v7.0.06 and earlier\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2013-1571 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2013-2400 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2013-2407 (AV:N/AC:L/Au:N/C:P/I:N/A:P) 6.4\nCVE-2013-2412 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2013-2437 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2013-2442 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2013-2443 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2013-2444 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2013-2445 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2013-2446 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2013-2447 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2013-2448 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\nCVE-2013-2449 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2013-2450 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2013-2452 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2013-2453 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2013-2454 (AV:N/AC:M/Au:N/C:P/I:P/A:N) 5.8\nCVE-2013-2455 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2013-2456 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2013-2457 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2013-2458 (AV:N/AC:M/Au:N/C:P/I:P/A:N) 5.8\nCVE-2013-2459 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-2460 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3\nCVE-2013-2461 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2013-2462 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3\nCVE-2013-2463 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-2464 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-2465 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-2466 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-2467 (AV:L/AC:M/Au:N/C:C/I:C/A:C) 6.9\nCVE-2013-2468 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-2469 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-2470 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-2471 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-2472 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-2473 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-3743 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3\nCVE-2013-3744 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided the following Java version upgrade to resolve these\nvulnerabilities. \n\nThe upgrade is available from the following location: http://www.hp.com/java\n\nOS Version\n Release Version\n\nHP-UX B.11.23, B.11.31\n JDK and JRE v7.0.07 or subsequent\n\nMANUAL ACTIONS: Yes - Update\nFor Java v7.0 update to Java v7.0.07 or subsequent\n\nPRODUCT SPECIFIC INFORMATION\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application\nthat replaces HP-UX Security Patch Check. It analyzes all Security Bulletins\nissued by HP and lists recommended actions that may apply to a specific HP-UX\nsystem. It can also download patches and create a depot automatically. For\nmore information see https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS\n\nHP-UX B.11.23\nHP-UX B.11.31\n===========\nJdk70.JDK70-COM\nJdk70.JDK70-DEMO\nJdk70.JDK70-IPF32\nJdk70.JDK70-IPF64\nJre70.JRE70-COM\nJre70.JRE70-IPF32\nJre70.JRE70-IPF32-HS\nJre70.JRE70-IPF64\nJre70.JRE70-IPF64-HS\naction: install revision 1.7.0.07.00 or subsequent\n\nEND AFFECTED VERSIONS\n\nHISTORY\nVersion:1 (rev.1) - 31 July 2013 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2013 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits;damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-2444"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003041"
},
{
"db": "BID",
"id": "60633"
},
{
"db": "VULMON",
"id": "CVE-2013-2444"
},
{
"db": "PACKETSTORM",
"id": "123734"
},
{
"db": "PACKETSTORM",
"id": "122405"
},
{
"db": "PACKETSTORM",
"id": "122441"
},
{
"db": "PACKETSTORM",
"id": "126195"
},
{
"db": "PACKETSTORM",
"id": "122109"
},
{
"db": "PACKETSTORM",
"id": "122084"
},
{
"db": "PACKETSTORM",
"id": "122651"
}
],
"trust": 2.61
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2013-2444",
"trust": 2.9
},
{
"db": "USCERT",
"id": "TA13-169A",
"trust": 1.9
},
{
"db": "BID",
"id": "60633",
"trust": 1.4
},
{
"db": "SECUNIA",
"id": "54154",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003041",
"trust": 0.8
},
{
"db": "HITACHI",
"id": "HS13-015",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-17-213-02",
"trust": 0.3
},
{
"db": "VULMON",
"id": "CVE-2013-2444",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123734",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "122405",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "122441",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126195",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "122109",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "122084",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "122651",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2013-2444"
},
{
"db": "BID",
"id": "60633"
},
{
"db": "PACKETSTORM",
"id": "123734"
},
{
"db": "PACKETSTORM",
"id": "122405"
},
{
"db": "PACKETSTORM",
"id": "122441"
},
{
"db": "PACKETSTORM",
"id": "126195"
},
{
"db": "PACKETSTORM",
"id": "122109"
},
{
"db": "PACKETSTORM",
"id": "122084"
},
{
"db": "PACKETSTORM",
"id": "122651"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003041"
},
{
"db": "NVD",
"id": "CVE-2013-2444"
}
]
},
"id": "VAR-201306-0258",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 1.0
},
"last_update_date": "2026-04-10T22:41:34.817000Z",
"patch": {
"_id": null,
"data": [
{
"title": "APPLE-SA-2013-06-18-1",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2013/Jun/msg00002.html"
},
{
"title": "HT5797",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5797"
},
{
"title": "HT5797",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5797?viewlocale=ja_JP"
},
{
"title": "HS13-015",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-015/index.html"
},
{
"title": "HPSBUX02922 SSRT101305",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880"
},
{
"title": "HPSBUX02907",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03868911"
},
{
"title": "HPSBUX02908",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03874547"
},
{
"title": "1642336",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
},
{
"title": "SUSE-SU-2013:1293",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html"
},
{
"title": "SUSE-SU-2013:1305",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html"
},
{
"title": "SUSE-SU-2013:1255",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html"
},
{
"title": "SUSE-SU-2013:1257",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"title": "jdk7u/jdk7u-dev/jdk / changeset",
"trust": 0.8,
"url": "http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/09c14ca57ff0"
},
{
"title": "Oracle Java SE Critical Patch Update Advisory - June 2013",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html"
},
{
"title": "Text Form of Oracle Java SE Critical Patch Update - June 2013 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/javacpujun2013verbose-1899853.html"
},
{
"title": "Bug 975131",
"trust": 0.8,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=975131"
},
{
"title": "RHSA-2013:1060",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"title": "RHSA-2013:1081",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2013-1081.html"
},
{
"title": "RHSA-2013:1455",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"title": "RHSA-2013:1059",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2013-1059.html"
},
{
"title": "RHSA-2013:1456",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
},
{
"title": "RHSA-2013:1014",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2013-1014.html"
},
{
"title": "RHSA-2013:0963",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2013-0963.html"
},
{
"title": "RHSA-2013:0957",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2013-0957.html"
},
{
"title": "RHSA-2013:0958",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2013-0958.html"
},
{
"title": "MDVSA-2013:183",
"trust": 0.8,
"url": "http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2013:183/?name=MDVSA-2013:183"
},
{
"title": "June 2013 Critical Patch Update for Java SE Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/june_2013_critical_patch_update"
},
{
"title": "HS13-015",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS13-015/index.html"
},
{
"title": "TA13-169A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta13-169a.html"
},
{
"title": "Oracle Corporation Java\u30d7\u30e9\u30b0\u30a4\u30f3\u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://azby.fmworld.net/support/security/information/oj20130620.html"
},
{
"title": "Ubuntu Security Notice: openjdk-7 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-1907-1"
},
{
"title": "Ubuntu Security Notice: icedtea-web update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-1907-2"
},
{
"title": "Ubuntu Security Notice: openjdk-6 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-1908-1"
},
{
"title": "Debian Security Advisories: DSA-2727-1 openjdk-6 -- several vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=e7d6ea8eb77ee8911e5bbc08ff43f55c"
},
{
"title": "Debian Security Advisories: DSA-2722-1 openjdk-7 -- several vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=29128f887c1069c9cc8e265bacca4512"
},
{
"title": "Amazon Linux AMI: ALAS-2013-207",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2013-207"
},
{
"title": "Red Hat: Low: Red Hat Network Satellite server IBM Java Runtime security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20131456 - Security Advisory"
},
{
"title": "Amazon Linux AMI: ALAS-2013-204",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2013-204"
},
{
"title": "Red Hat: Low: Red Hat Network Satellite server IBM Java Runtime security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20131455 - Security Advisory"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2013-2444"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003041"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-2444"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 1.9,
"url": "http://www.us-cert.gov/ncas/alerts/ta13-169a"
},
{
"trust": 1.9,
"url": "http://advisories.mageia.org/mgasa-2013-0185.html"
},
{
"trust": 1.6,
"url": "http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2013-0963.html"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2013-1081.html"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2013-1060.html"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2013-1455.html"
},
{
"trust": 1.1,
"url": "http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/09c14ca57ff0"
},
{
"trust": 1.1,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=975131"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/54154"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"trust": 1.1,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c03898880"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2013-1456.html"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=137545592101387\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=137545505800971\u0026w=2"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2013:183"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2013-1059.html"
},
{
"trust": 1.1,
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/60633"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a19602"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a19476"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a19307"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a16851"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2014:0414"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2444"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20130619-jre.html"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2013/at130030.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta13-169a/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-2444"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2463.html"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2446.html"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1500.html"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2444.html"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2454.html"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2456.html"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2470.html"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2471.html"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2457.html"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2447.html"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2452.html"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1571.html"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2465.html"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2472.html"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2473.html"
},
{
"trust": 0.6,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2450.html"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2455.html"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2459.html"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2448.html"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2469.html"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2456"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2455"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2457"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2447"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2452"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2459"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1571"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2463"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2448"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2446"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2444"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2454"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2450"
},
{
"trust": 0.5,
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2407.html"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2443.html"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2412.html"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2464.html"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2453.html"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2453"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2407"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1500"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2412"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2465"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2443"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2468.html"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2451.html"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2466.html"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2437.html"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2442.html"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2464"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2442"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2458"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2449"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2437"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2460"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2445"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2461"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21650778"
},
{
"trust": 0.3,
"url": "http://www.oracle.com"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas36583326fc6c02fdf86257bc60079968c"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-213-02"
},
{
"trust": 0.3,
"url": "http://alerts.hp.com/r?2.1.3kt.2zr.xg7ek.jtfhr2..t.cyta.7%2a%2ak.bw89mq%5f%5fdehufqb0"
},
{
"trust": 0.3,
"url": "http://alerts.hp.com/r?2.1.3kt.2zr.xg7ek.jtfhr2..t.cytc.7%2a%2ak.bw89mq%5f%5fdeoifqd0"
},
{
"trust": 0.3,
"url": "http://alerts.hp.com/r?2.1.3kt.2zr.xg7ek.jz8iz8..t.d3wy.82bm.bw89mq%5f%5fcviafmb0"
},
{
"trust": 0.3,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hs13-015/index.html"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001621"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21640206"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21647053"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100173341"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1019760"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100175056"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5094215"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644918"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21647384"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21643697"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21650599"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=ssg1s1004514"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21659761"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21645500"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21648074"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas384b70812e39ffb2d86257bbf00581b8d"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas301d21b03888172bd86257bbf00581b95"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas3d553b85edf79912386257bbf00581ba9"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas3a3a4ad6297e8c3df86257bbf00581bb1"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21652561"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24036927"
},
{
"trust": 0.3,
"url": "http://www.ubuntu.com/usn/usn-1908-1/"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21663487"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21663199"
},
{
"trust": 0.3,
"url": "http://www.xerox.com/download/security/security-bulletin/12047-4e4eed8d42ca6/cert_xrx13-007_v1.0.pdf"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/site/articles/11258"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-3743.html"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2460.html"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2400"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2449.html"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/knowledge/articles/11258"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2451"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2458.html"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2462"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2469"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2445.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2461.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2013-3744.html"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2466"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2400.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2462.html"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2470"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2472"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2471"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/1907-1/"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=29704"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-0873.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-3548.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1540.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1476.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3521"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0428.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1480.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-3556.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2419.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-3563.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3546"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0401.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0425.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5089.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-3551.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-1722.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5079.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-0497.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-0500.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0419.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-3389.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2422.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-3561.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-1721.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5081.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0409.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5071.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-0863.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0423.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-1532.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-3216.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5069.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-0499.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0862"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-0867.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5084.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0443.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-0507.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-3552.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0809.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1487.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0351.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-0814.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-3547.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-4820.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3549"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-0503.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0427.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0433.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1493.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1569.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5073.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-3554.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-4823.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2435.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-3549.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3553"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-3516.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-0871.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3554"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5068.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-1541.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-0868.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3389"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-4822.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0873"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-3159.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1557.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5075.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2429.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3548"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-3521.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3551"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-1713.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3547"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-3213.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0441.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5072.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-3553.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-1718.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0432.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0446.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1481.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1537.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-1717.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3545"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-1531.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2432.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-0802.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-0865.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0450.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3516"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-3545.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1491.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-0862.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2383.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2418.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3561"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1473.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3556"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-0547.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1563.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2424.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-3544.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0867"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2433.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-1716.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-0506.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5083.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-0501.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-1533.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-3342.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0869"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0426.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-3560.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3550"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-3557.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-3143.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0440.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-1725.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0865"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-0502.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2417.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0445.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2394.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-0498.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-1682.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2430.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3560"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-3546.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0442.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-0551.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0424.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3552"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3544"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-0869.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0863"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-1719.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-3550.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1486.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-5035.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3557"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2384.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0169.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-0505.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0438.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0871"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0868"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1478.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0435.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0434.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0802"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0814"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2420.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2440.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-3743"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2473"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0451.html"
},
{
"trust": 0.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0449.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5896.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5817.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0452.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5797.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2428.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0428.html"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0414.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5910.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0446.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5782.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2468"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5802.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5803.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5832.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5778.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5823.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5899.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5783.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0457.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5801.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5780.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2420.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2409.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-6629.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0416.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0453.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-6954.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5818.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5824.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5789.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0403.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5850.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5812.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5842.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0422.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5902.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5849.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0368.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5889.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0415.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2403.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0375.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5831.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0423.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5878.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5776.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0376.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5848.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0410.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5852.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5840.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2427.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-3829.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5907.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5772.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0373.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0458.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0411.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0460.html"
},
{
"trust": 0.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5905.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0417.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0424.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5819.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2412.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2398.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5820.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5809.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5898.html"
},
{
"trust": 0.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2421.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5884.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5825.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5774.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0461.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2423.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5830.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2414.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5784.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5887.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-4002.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0418.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5906.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0387.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-1876.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-2401.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0456.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5790.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5787.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5804.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5843.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5888.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5814.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0429.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-5829.html"
},
{
"trust": 0.1,
"url": "http://icedtea.classpath.org/hg/release/icedtea7-2.3/file/icedtea-2.3.10/news"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhba-2013-0959.html"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2013-0957.html"
},
{
"trust": 0.1,
"url": "http://www.hp.com/java"
},
{
"trust": 0.1,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2013-2444"
},
{
"db": "BID",
"id": "60633"
},
{
"db": "PACKETSTORM",
"id": "123734"
},
{
"db": "PACKETSTORM",
"id": "122405"
},
{
"db": "PACKETSTORM",
"id": "122441"
},
{
"db": "PACKETSTORM",
"id": "126195"
},
{
"db": "PACKETSTORM",
"id": "122109"
},
{
"db": "PACKETSTORM",
"id": "122084"
},
{
"db": "PACKETSTORM",
"id": "122651"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003041"
},
{
"db": "NVD",
"id": "CVE-2013-2444"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULMON",
"id": "CVE-2013-2444",
"ident": null
},
{
"db": "BID",
"id": "60633",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "123734",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "122405",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "122441",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "126195",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "122109",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "122084",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "122651",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003041",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2013-2444",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2013-06-18T00:00:00",
"db": "VULMON",
"id": "CVE-2013-2444",
"ident": null
},
{
"date": "2013-06-18T00:00:00",
"db": "BID",
"id": "60633",
"ident": null
},
{
"date": "2013-10-23T22:57:57",
"db": "PACKETSTORM",
"id": "123734",
"ident": null
},
{
"date": "2013-07-15T14:57:00",
"db": "PACKETSTORM",
"id": "122405",
"ident": null
},
{
"date": "2013-07-17T00:05:38",
"db": "PACKETSTORM",
"id": "122441",
"ident": null
},
{
"date": "2014-04-17T22:01:36",
"db": "PACKETSTORM",
"id": "126195",
"ident": null
},
{
"date": "2013-06-21T01:38:12",
"db": "PACKETSTORM",
"id": "122109",
"ident": null
},
{
"date": "2013-06-20T00:47:46",
"db": "PACKETSTORM",
"id": "122084",
"ident": null
},
{
"date": "2013-08-02T15:05:49",
"db": "PACKETSTORM",
"id": "122651",
"ident": null
},
{
"date": "2013-06-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-003041",
"ident": null
},
{
"date": "2013-06-18T22:55:02.380000",
"db": "NVD",
"id": "CVE-2013-2444",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2018-01-05T00:00:00",
"db": "VULMON",
"id": "CVE-2013-2444",
"ident": null
},
{
"date": "2017-08-14T20:12:00",
"db": "BID",
"id": "60633",
"ident": null
},
{
"date": "2015-03-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-003041",
"ident": null
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2013-2444",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "network",
"sources": [
{
"db": "BID",
"id": "60633"
}
],
"trust": 0.3
},
"title": {
"_id": null,
"data": "Oracle Java SE and JavaFX of Java Runtime Environment In AWT Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-003041"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "60633"
}
],
"trust": 0.3
}
}
VAR-201109-0209
Vulnerability from variot - Updated: 2026-04-10 22:39Google Chrome before 14.0.835.163 does not properly handle Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale node.". Used in multiple products Webkit There is a service disruption (DoS) There are vulnerabilities that can be in a state or are otherwise unaffected.Service disruption by a third party (DoS) You may be put into a state or affected by other details. Google Chrome is prone to multiple vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of the browser, cause denial-of-service conditions, perform spoofing attacks, and bypass the same-origin policy; other attacks may also be possible. Versions prior to Chrome 14.0.835.163 are vulnerable. Google Chrome is a web browser developed by Google (Google). These could be used in a malicious web site to direct the user to a spoofed site that visually appears to be a legitimate domain. This issue is addressed through an improved domain name validity check. This issue does not affect OS X systems. Third-party websites could set cookies if the "Block Cookies" preference in Safari was set to the default setting of "From third parties and advertisers". CVE-ID CVE-2012-0640 : nshah
WebKit Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later Impact: HTTP authentication credentials may be inadvertently disclosed to another site Description: If a site uses HTTP authentication and redirects to another site, the authentication credentials may be sent to the other site. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
APPLE-SA-2012-03-07-2 iOS 5.1 Software Update
iOS 5.1 Software Update is now available and addresses the following:
CFNetwork Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website may lead to the disclosure of sensitive information Description: An issue existed in CFNetwork's handling of malformed URLs. When accessing a maliciously crafted URL, CFNetwork could send unexpected request headers. CVE-ID CVE-2012-0641 : Erling Ellingsen of Facebook
HFS Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Mounting a maliciously crafted disk image may lead to a device shutdown or arbitrary code execution Description: An integer underflow existed with the handling of HFS catalog files. CVE-ID CVE-2012-0642 : pod2g
Kernel Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: A malicious program could bypass sandbox restrictions Description: A logic issue existed in the handling of debug system calls. This may allow a malicious program to gain code execution in other programs with the same user privileges. CVE-ID CVE-2012-0643 : 2012 iOS Jailbreak Dream Team
libresolv Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Applications that use the libresolv library may be vulnerable to an unexpected application termination or arbitrary code execution Description: An integer overflow existed in the handling of DNS resource records, which may lead to heap memory corruption. CVE-ID CVE-2011-3453 : Ilja van Sprundel of IOActive
Passcode Lock Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: A person with physical access to the device may be able to bypass the screen lock Description: A race condition issue existed in the handling of slide to dial gestures. This may allow a person with physical access to the device to bypass the Passcode Lock screen. CVE-ID CVE-2012-0644 : Roland Kohler of the German Federal Ministry of Economics and Technology
Safari Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Web page visits may be recorded in browser history even when Private Browsing is active Description: Safari's Private Browsing is designed to prevent recording of a browsing session. Pages visited as a result of a site using the JavaScript methods pushState or replaceState were recorded in the browser history even when Private Browsing mode was active. This issue is addressed by not recording such visits when Private Browsing is active. CVE-ID CVE-2012-0585 : Eric Melville of American Express
Siri Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: An attacker with physical access to a locked phone could get access to frontmost email message Description: A design issue existed in Siri's lock screen restrictions. If Siri was enabled for use on the lock screen, and Mail was open with a message selected behind the lock screen, a voice command could be used to send that message to an arbitrary recipient. This issue is addressed by disabling forwarding of active messages from the lock screen. CVE-ID CVE-2012-0645
VPN Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: A maliciously crafted system configuration file may lead to arbitrary code execution with system privileges Description: A format string vulnerability existed in the handling of racoon configuration files. CVE-ID CVE-2012-0646 : pod2g
WebKit Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website may lead to the disclosure of cookies Description: A cross-origin issue existed in WebKit, which may allow cookies to be disclosed across origins. CVE-ID CVE-2011-3887 : Sergey Glazunov
WebKit Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website and dragging content with the mouse may lead to a cross-site scripting attack Description: A cross-origin issue existed in WebKit, which may allow content to be dragged and dropped across origins. CVE-ID CVE-2012-0590 : Adam Barth of Google Chrome Security Team
WebKit Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: Multiple cross-origin issues existed in WebKit. CVE-ID CVE-2011-3881 : Sergey Glazunov CVE-2012-0586 : Sergey Glazunov CVE-2012-0587 : Sergey Glazunov CVE-2012-0588 : Jochen Eisinger of Google Chrome Team CVE-2012-0589 : Alan Austin of polyvore.com
WebKit Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. CVE-ID CVE-2011-2825 : wushi of team509 working with TippingPoint's Zero Day Initiative CVE-2011-2833 : Apple CVE-2011-2846 : Arthur Gerkis, miaubiz CVE-2011-2847 : miaubiz, Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2854 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2855 : Arthur Gerkis, wushi of team509 working with iDefense VCP CVE-2011-2857 : miaubiz CVE-2011-2860 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2867 : Dirk Schulze CVE-2011-2868 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2869 : Cris Neckar of Google Chrome Security Team using AddressSanitizer CVE-2011-2870 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2871 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2872 : Abhishek Arya (Inferno) and Cris Neckar of Google Chrome Security Team using AddressSanitizer CVE-2011-2873 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2877 : miaubiz CVE-2011-3885 : miaubiz CVE-2011-3888 : miaubiz CVE-2011-3897 : pa_kt working with TippingPoint's Zero Day Initiative CVE-2011-3908 : Aki Helin of OUSPG CVE-2011-3909 : Google Chrome Security Team (scarybeasts) and Chu CVE-2011-3928 : wushi of team509 working with TippingPoint's Zero Day Initiative CVE-2012-0591 : miaubiz, and Martin Barbella CVE-2012-0592 : Alexander Gavrun working with TippingPoint's Zero Day Initiative CVE-2012-0593 : Lei Zhang of the Chromium development community CVE-2012-0594 : Adam Klein of the Chromium development community CVE-2012-0595 : Apple CVE-2012-0596 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0597 : miaubiz CVE-2012-0598 : Sergey Glazunov CVE-2012-0599 : Dmytro Gorbunov of SaveSources.com CVE-2012-0600 : Marshall Greenblatt, Dharani Govindan of Google Chrome, miaubiz, Aki Helin of OUSPG, Apple CVE-2012-0601 : Apple CVE-2012-0602 : Apple CVE-2012-0603 : Apple CVE-2012-0604 : Apple CVE-2012-0605 : Apple CVE-2012-0606 : Apple CVE-2012-0607 : Apple CVE-2012-0608 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0609 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0610 : miaubiz, Martin Barbella using AddressSanitizer CVE-2012-0611 : Martin Barbella using AddressSanitizer CVE-2012-0612 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0613 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0614 : miaubiz, Martin Barbella using AddressSanitizer CVE-2012-0615 : Martin Barbella using AddressSanitizer CVE-2012-0616 : miaubiz CVE-2012-0617 : Martin Barbella using AddressSanitizer CVE-2012-0618 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0619 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0620 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0621 : Martin Barbella using AddressSanitizer CVE-2012-0622 : Dave Levin and Abhishek Arya of the Google Chrome Security Team CVE-2012-0623 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0624 : Martin Barbella using AddressSanitizer CVE-2012-0625 : Martin Barbella CVE-2012-0626 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0627 : Apple CVE-2012-0628 : Slawomir Blazek, miaubiz, Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0629 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2012-0630 : Sergio Villar Senin of Igalia CVE-2012-0631 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2012-0632 : Cris Neckar of the Google Chrome Security Team using AddressSanitizer CVE-2012-0633 : Apple CVE-2012-0635 : Julien Chaffraix of the Chromium development community, Martin Barbella using AddressSanitizer
Installation note:
This update is only available through iTunes, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/
iTunes will automatically check Apple's update server on its weekly schedule. When an update is detected, it will download it. When the iPhone, iPod touch or iPad is docked, iTunes will present the user with the option to install the update. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iPhone, iPod touch, or iPad.
The automatic update process may take up to a week depending on the day that iTunes checks for updates. You may manually obtain the update via the Check for Updates button within iTunes. After doing this, the update can be applied when your iPhone, iPod touch, or iPad is docked to your computer.
To check that the iPhone, iPod touch, or iPad has been updated:
- Navigate to Settings
- Select General
- Select About. The version after applying this update will be "5.1".
Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.16 (Darwin)
iQEcBAEBAgAGBQJPV6M3AAoJEGnF2JsdZQeef/cIAKBSn0czLzJO9fu6ZyjLRvxq 4pIZgfyEVGBzpn+9IeiGFTkkVf+bOsA+Q3RlcsG5g0RlbyFgnuWu59HHsnkrElbM bCfnnTF5eYZX/3fnLzxpX7BUsEona3nf1gHfR24OeEn36C8rZ6rZJfMLqCJNNZGY RDSga1oeMN/AbgZuR9sYKudkE0GOmkLZfR2G4WXmrU+JncR6XoROUwoJBPhg8z90 HAxgDEbduuLLOSe7CHLS3apbh0L2tmxPCWpiBmEMg6PTlFF0HhJQJ0wusrUc8nX6 7TDsAho73wCOpChzBGQeemc6+UEN2uDmUgwVkN6n4D/qN1u6E+d3coUXOlb8hIY= =qPeE -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201111-01
http://security.gentoo.org/
Severity: High Title: Chromium, V8: Multiple vulnerabilities Date: November 01, 2011 Bugs: #351525, #353626, #354121, #356933, #357963, #358581, #360399, #363629, #365125, #366335, #367013, #368649, #370481, #373451, #373469, #377475, #377629, #380311, #380897, #381713, #383251, #385649, #388461 ID: 201111-01
Synopsis
Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code and local root privilege escalation.
Background
Chromium is an open-source web browser project. V8 is Google's open source JavaScript engine.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-client/chromium < 15.0.874.102 >= 15.0.874.102 2 dev-lang/v8 < 3.5.10.22 >= 3.5.10.22 ------------------------------------------------------------------- 2 affected packages -------------------------------------------------------------------
Description
Multiple vulnerabilities have been discovered in Chromium and V8. Please review the CVE identifiers and release notes referenced below for details.
Impact
A local attacker could gain root privileges (CVE-2011-1444, fixed in chromium-11.0.696.57).
A context-dependent attacker could entice a user to open a specially crafted web site or JavaScript program using Chromium or V8, possibly resulting in the execution of arbitrary code with the privileges of the process, or a Denial of Service condition.
Workaround
There is no known workaround at this time.
Resolution
All Chromium users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-client/chromium-15.0.874.102"
All V8 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-lang/v8-3.5.10.22"
References
[ 1 ] CVE-2011-2345 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2345 [ 2 ] CVE-2011-2346 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2346 [ 3 ] CVE-2011-2347 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2347 [ 4 ] CVE-2011-2348 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2348 [ 5 ] CVE-2011-2349 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2349 [ 6 ] CVE-2011-2350 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2350 [ 7 ] CVE-2011-2351 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2351 [ 8 ] CVE-2011-2834 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2834 [ 9 ] CVE-2011-2835 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2835 [ 10 ] CVE-2011-2837 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2837 [ 11 ] CVE-2011-2838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2838 [ 12 ] CVE-2011-2839 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2839 [ 13 ] CVE-2011-2840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2840 [ 14 ] CVE-2011-2841 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2841 [ 15 ] CVE-2011-2843 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2843 [ 16 ] CVE-2011-2844 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2844 [ 17 ] CVE-2011-2845 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2845 [ 18 ] CVE-2011-2846 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2846 [ 19 ] CVE-2011-2847 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2847 [ 20 ] CVE-2011-2848 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2848 [ 21 ] CVE-2011-2849 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2849 [ 22 ] CVE-2011-2850 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2850 [ 23 ] CVE-2011-2851 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2851 [ 24 ] CVE-2011-2852 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2852 [ 25 ] CVE-2011-2853 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2853 [ 26 ] CVE-2011-2854 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2854 [ 27 ] CVE-2011-2855 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2855 [ 28 ] CVE-2011-2856 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2856 [ 29 ] CVE-2011-2857 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2857 [ 30 ] CVE-2011-2858 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2858 [ 31 ] CVE-2011-2859 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2859 [ 32 ] CVE-2011-2860 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2860 [ 33 ] CVE-2011-2861 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2861 [ 34 ] CVE-2011-2862 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2862 [ 35 ] CVE-2011-2864 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2864 [ 36 ] CVE-2011-2874 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2874 [ 37 ] CVE-2011-3234 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3234 [ 38 ] CVE-2011-3873 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3873 [ 39 ] CVE-2011-3875 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3875 [ 40 ] CVE-2011-3876 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3876 [ 41 ] CVE-2011-3877 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3877 [ 42 ] CVE-2011-3878 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3878 [ 43 ] CVE-2011-3879 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3879 [ 44 ] CVE-2011-3880 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3880 [ 45 ] CVE-2011-3881 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3881 [ 46 ] CVE-2011-3882 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3882 [ 47 ] CVE-2011-3883 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3883 [ 48 ] CVE-2011-3884 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3884 [ 49 ] CVE-2011-3885 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3885 [ 50 ] CVE-2011-3886 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3886 [ 51 ] CVE-2011-3887 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3887 [ 52 ] CVE-2011-3888 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3888 [ 53 ] CVE-2011-3889 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3889 [ 54 ] CVE-2011-3890 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3890 [ 55 ] CVE-2011-3891 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3891 [ 56 ] Release Notes 10.0.648.127 http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html [ 57 ] Release Notes 10.0.648.133 http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html [ 58 ] Release Notes 10.0.648.205 http://googlechromereleases.blogspot.com/2011/04/stable-channel-update.html [ 59 ] Release Notes 11.0.696.57 http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html [ 60 ] Release Notes 11.0.696.65 http://googlechromereleases.blogspot.com/2011/05/beta-and-stable-channel-update.html [ 61 ] Release Notes 11.0.696.68 http://googlechromereleases.blogspot.com/2011/05/stable-channel-update.html [ 62 ] Release Notes 11.0.696.71 http://googlechromereleases.blogspot.com/2011/05/stable-channel-update_24.html [ 63 ] Release Notes 12.0.742.112 http://googlechromereleases.blogspot.com/2011/06/stable-channel-update_28.html [ 64 ] Release Notes 12.0.742.91 http://googlechromereleases.blogspot.com/2011/06/chrome-stable-release.html [ 65 ] Release Notes 13.0.782.107 http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html [ 66 ] Release Notes 13.0.782.215 http://googlechromereleases.blogspot.com/2011/08/stable-channel-update_22.html [ 67 ] Release Notes 13.0.782.220 http://googlechromereleases.blogspot.com/2011/09/stable-channel-update.html [ 68 ] Release Notes 14.0.835.163 http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html [ 69 ] Release Notes 14.0.835.202 http://googlechromereleases.blogspot.com/2011/10/stable-channel-update.html [ 70 ] Release Notes 15.0.874.102 http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html [ 71 ] Release Notes 8.0.552.237 http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html [ 72 ] Release Notes 9.0.597.107 http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_28.html [ 73 ] Release Notes 9.0.597.84 http://googlechromereleases.blogspot.com/2011/02/stable-channel-update.html [ 74 ] Release Notes 9.0.597.94 http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_08.html
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201111-01.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "chrome",
"scope": "lt",
"trust": 1.8,
"vendor": "google",
"version": "14.0.835.163"
},
{
"_id": null,
"model": "itunes",
"scope": "lt",
"trust": 1.8,
"vendor": "apple",
"version": "10.6"
},
{
"_id": null,
"model": "safari",
"scope": "lt",
"trust": 1.8,
"vendor": "apple",
"version": "5.1.4"
},
{
"_id": null,
"model": "iphone os",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "5.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.9,
"vendor": "google",
"version": "7.0.512.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.9,
"vendor": "google",
"version": "7.0.513.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.9,
"vendor": "google",
"version": "7.0.511.4"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.9,
"vendor": "google",
"version": "7.0.511.2"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6.8"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.7.3"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6.8"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.7.3"
},
{
"_id": null,
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "5.1 (ipad and ipad 2)"
},
{
"_id": null,
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "5.1 (iphone 3gs)"
},
{
"_id": null,
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "5.1 (iphone 4)"
},
{
"_id": null,
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "5.1 (iphone 4s)"
},
{
"_id": null,
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "5.1 (ipod touch (3rd generation) or later )"
},
{
"_id": null,
"model": "ipad",
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"_id": null,
"model": "iphone",
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"_id": null,
"model": "ipod touch",
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "5.0.350.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "6.0.472.18"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "13.0.782.7"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "6.0.472.39"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "5.0.360.4"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "6.0.472.31"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.100"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.5"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.0"
},
{
"_id": null,
"model": "itunes",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "10.6"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.1"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.539.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.529.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.203"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1.1"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.105"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.499.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.10"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.39"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.507.1"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.213"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.306"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.530.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.208"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.507.2"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.18"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.4"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.1"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.15"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.10"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.127"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.225"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.8"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.20"
},
{
"_id": null,
"model": "esx",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.535.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.514.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9.0.597.107"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.219"
},
{
"_id": null,
"model": "aura system platform sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.218"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.217"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.27"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.7"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.518.0"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.38"
},
{
"_id": null,
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.2"
},
{
"_id": null,
"model": "meeting exchange sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.5"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.536.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.23"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.77"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.11"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.2.1"
},
{
"_id": null,
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.209"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.226"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.37"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.3"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.531.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.26"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.8"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.7"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.2"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13.0.782.112"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "safari for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.216"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.344"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13.0.782.215"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.200"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.537.0"
},
{
"_id": null,
"model": "freeflow print server 73.c0.41",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.1"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.4"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.2.2"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.6"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"_id": null,
"model": "meeting exchange sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.57"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.3"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.0.2.20"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.303"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.506.0"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.5"
},
{
"_id": null,
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"_id": null,
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "esxi",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"_id": null,
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.211"
},
{
"_id": null,
"model": "voice portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.18"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.104"
},
{
"_id": null,
"model": "enterprise linux desktop version",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.12"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2011"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.503.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.521.0"
},
{
"_id": null,
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.507.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.520.0"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.528.0"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "ctpview",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.2"
},
{
"_id": null,
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.17"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.35"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.215"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.31"
},
{
"_id": null,
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.10"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.498.0"
},
{
"_id": null,
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.4"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.16"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.302"
},
{
"_id": null,
"model": "messaging storage server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.310"
},
{
"_id": null,
"model": "messaging storage server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.515.0"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.5"
},
{
"_id": null,
"model": "esxi",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.5"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.34"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.499.0"
},
{
"_id": null,
"model": "freeflow print server 73.b3.61",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.13"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "safari",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"_id": null,
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.1"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.4"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.529.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.503.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.24"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.33"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13.0.782.107"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "14"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.202"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.1"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.68"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.507.3"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.5.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.5"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.36"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.42"
},
{
"_id": null,
"model": "message networking sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.549.0"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.3"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.207"
},
{
"_id": null,
"model": "chrome",
"scope": "ne",
"trust": 0.3,
"vendor": "google",
"version": "14.0.835.163"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura system manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.516.0"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.3"
},
{
"_id": null,
"model": "messaging storage server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "esx",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.0"
},
{
"_id": null,
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.1"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"_id": null,
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.5"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.522.0"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9.0.597.94"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.2"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"_id": null,
"model": "enterprise linux hpc node optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.223"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.6"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.1.8"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.531.0"
},
{
"_id": null,
"model": "tv",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.536.4"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.3"
},
{
"_id": null,
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.28"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.30"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.6"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.204"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.3"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.551.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.128"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.19"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.301"
},
{
"_id": null,
"model": "ctpview",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.3"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.544.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.500.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.0"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.3"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.14"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.4"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.6"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.222"
},
{
"_id": null,
"model": "enterprise linux workstation optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.65"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.21"
},
{
"_id": null,
"model": "ctpview 7.0r1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.12"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.1"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "9"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.4"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.112"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.5"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.100"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.14"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.540.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.542.0"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.1"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"_id": null,
"model": "ctpview",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.5"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.529.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.6"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.7"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.510.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.547.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.536.2"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.2.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.9"
},
{
"_id": null,
"model": "itunes",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "10.5"
},
{
"_id": null,
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.4"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2011"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"_id": null,
"model": "safari beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"_id": null,
"model": "linux lts lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.13"
},
{
"_id": null,
"model": "ctpview",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.4"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.551.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.547.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.509.0"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"_id": null,
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.3"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.3"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.40"
},
{
"_id": null,
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12"
},
{
"_id": null,
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.514.1"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "safari beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.212"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.1"
},
{
"_id": null,
"model": "messaging storage server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"_id": null,
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.29"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.206"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.133"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.2"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.4"
},
{
"_id": null,
"model": "esxi",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.1"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.3"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.19"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.25"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.220"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.101"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.10"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1.2"
},
{
"_id": null,
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.7"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.8"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.0"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.511.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.531.1"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.20"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.43"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.1"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.5"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.300"
},
{
"_id": null,
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.4"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.535.1"
},
{
"_id": null,
"model": "enterprise linux server optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.10"
},
{
"_id": null,
"model": "aura conferencing sp1 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "safari for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.4"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.541.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.221"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.536.1"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "ctpview",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.6"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.524.0"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.102"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.17"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.307"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"_id": null,
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.2"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.6"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.205"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.16"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.204"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"_id": null,
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5"
},
{
"_id": null,
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.1"
},
{
"_id": null,
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.3"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.526.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.21"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.505.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.497.0"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "aura system platform sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"_id": null,
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.103"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.224"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.71"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.548.0"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"_id": null,
"model": "enterprise linux desktop optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.91"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.9"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.308"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9.0.597.84"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.210"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.550.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.525.0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "ios beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.4"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.500.0"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.309"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.214"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"_id": null,
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "10"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.201"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.11"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.32"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.22"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.672.2"
},
{
"_id": null,
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "6"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.43"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.504.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.44"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.304"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11"
},
{
"_id": null,
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.305"
},
{
"_id": null,
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0.1"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.3"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.237"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.41"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.3"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "aura conferencing standard",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "safari",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.4"
},
{
"_id": null,
"model": "esxi",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.205"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.536.3"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.2"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.538.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.519.0"
},
{
"_id": null,
"model": "messaging storage server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.2"
},
{
"_id": null,
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
}
],
"sources": [
{
"db": "BID",
"id": "49658"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-301"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002656"
},
{
"db": "NVD",
"id": "CVE-2011-2855"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:google:chrome",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:iphone_os",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:apple:ipad",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:apple:iphone",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:apple:ipod_touch",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:apple:itunes",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:apple:safari",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-002656"
}
]
},
"credits": {
"_id": null,
"data": "Ryan Sleevi of the Chromium development community, electronixtar, wbrana, Michal Zalewski of the Google Security Team, Kostya Serebryany of the Chromium development community, kuzzcc, Mario Gomes, Aaron Sigel of vtty.com, Kostya Serebryany of the Chromium",
"sources": [
{
"db": "BID",
"id": "49658"
}
],
"trust": 0.3
},
"cve": "CVE-2011-2855",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2011-2855",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2011-2855",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-50800",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-2855",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2011-2855",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201109-301",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-50800",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50800"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-301"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002656"
},
{
"db": "NVD",
"id": "CVE-2011-2855"
}
]
},
"description": {
"_id": null,
"data": "Google Chrome before 14.0.835.163 does not properly handle Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a \"stale node.\". Used in multiple products Webkit There is a service disruption (DoS) There are vulnerabilities that can be in a state or are otherwise unaffected.Service disruption by a third party (DoS) You may be put into a state or affected by other details. Google Chrome is prone to multiple vulnerabilities. \nAttackers can exploit these issues to execute arbitrary code in the context of the browser, cause denial-of-service conditions, perform spoofing attacks, and bypass the same-origin policy; other attacks may also be possible. \nVersions prior to Chrome 14.0.835.163 are vulnerable. Google Chrome is a web browser developed by Google (Google). \nThese could be used in a malicious web site to direct the user to a\nspoofed site that visually appears to be a legitimate domain. This\nissue is addressed through an improved domain name validity check. \nThis issue does not affect OS X systems. Third-party websites could set cookies if the \"Block Cookies\"\npreference in Safari was set to the default setting of \"From third\nparties and advertisers\". \nCVE-ID\nCVE-2012-0640 : nshah\n\nWebKit\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista,\nXP SP2 or later\nImpact: HTTP authentication credentials may be inadvertently\ndisclosed to another site\nDescription: If a site uses HTTP authentication and redirects to\nanother site, the authentication credentials may be sent to the other\nsite. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2012-03-07-2 iOS 5.1 Software Update\n\niOS 5.1 Software Update is now available and addresses the following:\n\nCFNetwork\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: Visiting a maliciously crafted website may lead to the\ndisclosure of sensitive information\nDescription: An issue existed in CFNetwork\u0027s handling of malformed\nURLs. When accessing a maliciously crafted URL, CFNetwork could send\nunexpected request headers. \nCVE-ID\nCVE-2012-0641 : Erling Ellingsen of Facebook\n\nHFS\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: Mounting a maliciously crafted disk image may lead to a\ndevice shutdown or arbitrary code execution\nDescription: An integer underflow existed with the handling of HFS\ncatalog files. \nCVE-ID\nCVE-2012-0642 : pod2g\n\nKernel\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: A malicious program could bypass sandbox restrictions\nDescription: A logic issue existed in the handling of debug system\ncalls. This may allow a malicious program to gain code execution in\nother programs with the same user privileges. \nCVE-ID\nCVE-2012-0643 : 2012 iOS Jailbreak Dream Team\n\nlibresolv\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: Applications that use the libresolv library may be\nvulnerable to an unexpected application termination or arbitrary code\nexecution\nDescription: An integer overflow existed in the handling of DNS\nresource records, which may lead to heap memory corruption. \nCVE-ID\nCVE-2011-3453 : Ilja van Sprundel of IOActive\n\nPasscode Lock\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: A person with physical access to the device may be able to\nbypass the screen lock\nDescription: A race condition issue existed in the handling of slide\nto dial gestures. This may allow a person with physical access to the\ndevice to bypass the Passcode Lock screen. \nCVE-ID\nCVE-2012-0644 : Roland Kohler of the German Federal Ministry of\nEconomics and Technology\n\nSafari\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: Web page visits may be recorded in browser history even when\nPrivate Browsing is active\nDescription: Safari\u0027s Private Browsing is designed to prevent\nrecording of a browsing session. Pages visited as a result of a site\nusing the JavaScript methods pushState or replaceState were recorded\nin the browser history even when Private Browsing mode was active. \nThis issue is addressed by not recording such visits when Private\nBrowsing is active. \nCVE-ID\nCVE-2012-0585 : Eric Melville of American Express\n\nSiri\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: An attacker with physical access to a locked phone could get\naccess to frontmost email message\nDescription: A design issue existed in Siri\u0027s lock screen\nrestrictions. If Siri was enabled for use on the lock screen, and\nMail was open with a message selected behind the lock screen, a voice\ncommand could be used to send that message to an arbitrary recipient. \nThis issue is addressed by disabling forwarding of active messages\nfrom the lock screen. \nCVE-ID\nCVE-2012-0645\n\nVPN\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: A maliciously crafted system configuration file may lead to\narbitrary code execution with system privileges\nDescription: A format string vulnerability existed in the handling\nof racoon configuration files. \nCVE-ID\nCVE-2012-0646 : pod2g\n\nWebKit\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: Visiting a maliciously crafted website may lead to the\ndisclosure of cookies\nDescription: A cross-origin issue existed in WebKit, which may allow\ncookies to be disclosed across origins. \nCVE-ID\nCVE-2011-3887 : Sergey Glazunov\n\nWebKit\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: Visiting a maliciously crafted website and dragging content\nwith the mouse may lead to a cross-site scripting attack\nDescription: A cross-origin issue existed in WebKit, which may allow\ncontent to be dragged and dropped across origins. \nCVE-ID\nCVE-2012-0590 : Adam Barth of Google Chrome Security Team\n\nWebKit\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription: Multiple cross-origin issues existed in WebKit. \nCVE-ID\nCVE-2011-3881 : Sergey Glazunov\nCVE-2012-0586 : Sergey Glazunov\nCVE-2012-0587 : Sergey Glazunov\nCVE-2012-0588 : Jochen Eisinger of Google Chrome Team\nCVE-2012-0589 : Alan Austin of polyvore.com\n\nWebKit\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: Visiting a maliciously crafted website may lead to an\nunexpected application termination or arbitrary code execution\nDescription: Multiple memory corruption issues existed in WebKit. \nCVE-ID\nCVE-2011-2825 : wushi of team509 working with TippingPoint\u0027s Zero Day\nInitiative\nCVE-2011-2833 : Apple\nCVE-2011-2846 : Arthur Gerkis, miaubiz\nCVE-2011-2847 : miaubiz, Abhishek Arya (Inferno) of Google Chrome\nSecurity Team using AddressSanitizer\nCVE-2011-2854 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2011-2855 : Arthur Gerkis, wushi of team509 working with iDefense\nVCP\nCVE-2011-2857 : miaubiz\nCVE-2011-2860 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2011-2867 : Dirk Schulze\nCVE-2011-2868 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2011-2869 : Cris Neckar of Google Chrome Security Team using\nAddressSanitizer\nCVE-2011-2870 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2011-2871 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2011-2872 : Abhishek Arya (Inferno) and Cris Neckar of Google\nChrome Security Team using AddressSanitizer\nCVE-2011-2873 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2011-2877 : miaubiz\nCVE-2011-3885 : miaubiz\nCVE-2011-3888 : miaubiz\nCVE-2011-3897 : pa_kt working with TippingPoint\u0027s Zero Day Initiative\nCVE-2011-3908 : Aki Helin of OUSPG\nCVE-2011-3909 : Google Chrome Security Team (scarybeasts) and Chu\nCVE-2011-3928 : wushi of team509 working with TippingPoint\u0027s Zero Day\nInitiative\nCVE-2012-0591 : miaubiz, and Martin Barbella\nCVE-2012-0592 : Alexander Gavrun working with TippingPoint\u0027s Zero Day\nInitiative\nCVE-2012-0593 : Lei Zhang of the Chromium development community\nCVE-2012-0594 : Adam Klein of the Chromium development community\nCVE-2012-0595 : Apple\nCVE-2012-0596 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2012-0597 : miaubiz\nCVE-2012-0598 : Sergey Glazunov\nCVE-2012-0599 : Dmytro Gorbunov of SaveSources.com\nCVE-2012-0600 : Marshall Greenblatt, Dharani Govindan of Google\nChrome, miaubiz, Aki Helin of OUSPG, Apple\nCVE-2012-0601 : Apple\nCVE-2012-0602 : Apple\nCVE-2012-0603 : Apple\nCVE-2012-0604 : Apple\nCVE-2012-0605 : Apple\nCVE-2012-0606 : Apple\nCVE-2012-0607 : Apple\nCVE-2012-0608 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2012-0609 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2012-0610 : miaubiz, Martin Barbella using AddressSanitizer\nCVE-2012-0611 : Martin Barbella using AddressSanitizer\nCVE-2012-0612 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2012-0613 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2012-0614 : miaubiz, Martin Barbella using AddressSanitizer\nCVE-2012-0615 : Martin Barbella using AddressSanitizer\nCVE-2012-0616 : miaubiz\nCVE-2012-0617 : Martin Barbella using AddressSanitizer\nCVE-2012-0618 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2012-0619 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2012-0620 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2012-0621 : Martin Barbella using AddressSanitizer\nCVE-2012-0622 : Dave Levin and Abhishek Arya of the Google Chrome\nSecurity Team\nCVE-2012-0623 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2012-0624 : Martin Barbella using AddressSanitizer\nCVE-2012-0625 : Martin Barbella\nCVE-2012-0626 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2012-0627 : Apple\nCVE-2012-0628 : Slawomir Blazek, miaubiz, Abhishek Arya (Inferno) of\nGoogle Chrome Security Team using AddressSanitizer\nCVE-2012-0629 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2012-0630 : Sergio Villar Senin of Igalia\nCVE-2012-0631 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2012-0632 : Cris Neckar of the Google Chrome Security Team using\nAddressSanitizer\nCVE-2012-0633 : Apple\nCVE-2012-0635 : Julien Chaffraix of the Chromium development\ncommunity, Martin Barbella using AddressSanitizer\n\n\nInstallation note:\n\nThis update is only available through iTunes, and will not appear\nin your computer\u0027s Software Update application, or in the Apple\nDownloads site. Make sure you have an Internet connection and have\ninstalled the latest version of iTunes from www.apple.com/itunes/\n\niTunes will automatically check Apple\u0027s update server on its weekly\nschedule. When an update is detected, it will download it. When\nthe iPhone, iPod touch or iPad is docked, iTunes will present the\nuser with the option to install the update. We recommend applying\nthe update immediately if possible. Selecting Don\u0027t Install will\npresent the option the next time you connect your iPhone, iPod touch,\nor iPad. \n\nThe automatic update process may take up to a week depending on the\nday that iTunes checks for updates. You may manually obtain the\nupdate via the Check for Updates button within iTunes. After doing\nthis, the update can be applied when your iPhone, iPod touch, or iPad\nis docked to your computer. \n\nTo check that the iPhone, iPod touch, or iPad has been updated:\n\n* Navigate to Settings\n* Select General\n* Select About. The version after applying this update will be \"5.1\". \n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.16 (Darwin)\n\niQEcBAEBAgAGBQJPV6M3AAoJEGnF2JsdZQeef/cIAKBSn0czLzJO9fu6ZyjLRvxq\n4pIZgfyEVGBzpn+9IeiGFTkkVf+bOsA+Q3RlcsG5g0RlbyFgnuWu59HHsnkrElbM\nbCfnnTF5eYZX/3fnLzxpX7BUsEona3nf1gHfR24OeEn36C8rZ6rZJfMLqCJNNZGY\nRDSga1oeMN/AbgZuR9sYKudkE0GOmkLZfR2G4WXmrU+JncR6XoROUwoJBPhg8z90\nHAxgDEbduuLLOSe7CHLS3apbh0L2tmxPCWpiBmEMg6PTlFF0HhJQJ0wusrUc8nX6\n7TDsAho73wCOpChzBGQeemc6+UEN2uDmUgwVkN6n4D/qN1u6E+d3coUXOlb8hIY=\n=qPeE\n-----END PGP SIGNATURE-----\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201111-01\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Chromium, V8: Multiple vulnerabilities\n Date: November 01, 2011\n Bugs: #351525, #353626, #354121, #356933, #357963, #358581,\n #360399, #363629, #365125, #366335, #367013, #368649,\n #370481, #373451, #373469, #377475, #377629, #380311,\n #380897, #381713, #383251, #385649, #388461\n ID: 201111-01\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been reported in Chromium and V8, some of\nwhich may allow execution of arbitrary code and local root privilege\nescalation. \n\nBackground\n==========\n\nChromium is an open-source web browser project. V8 is Google\u0027s open\nsource JavaScript engine. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 www-client/chromium \u003c 15.0.874.102 \u003e= 15.0.874.102 \n 2 dev-lang/v8 \u003c 3.5.10.22 \u003e= 3.5.10.22 \n -------------------------------------------------------------------\n 2 affected packages\n -------------------------------------------------------------------\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Chromium and V8. \nPlease review the CVE identifiers and release notes referenced below\nfor details. \n\nImpact\n======\n\nA local attacker could gain root privileges (CVE-2011-1444, fixed in\nchromium-11.0.696.57). \n\nA context-dependent attacker could entice a user to open a specially\ncrafted web site or JavaScript program using Chromium or V8, possibly\nresulting in the execution of arbitrary code with the privileges of the\nprocess, or a Denial of Service condition. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Chromium users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-client/chromium-15.0.874.102\"\n\nAll V8 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-lang/v8-3.5.10.22\"\n\nReferences\n==========\n\n[ 1 ] CVE-2011-2345\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2345\n[ 2 ] CVE-2011-2346\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2346\n[ 3 ] CVE-2011-2347\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2347\n[ 4 ] CVE-2011-2348\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2348\n[ 5 ] CVE-2011-2349\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2349\n[ 6 ] CVE-2011-2350\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2350\n[ 7 ] CVE-2011-2351\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2351\n[ 8 ] CVE-2011-2834\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2834\n[ 9 ] CVE-2011-2835\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2835\n[ 10 ] CVE-2011-2837\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2837\n[ 11 ] CVE-2011-2838\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2838\n[ 12 ] CVE-2011-2839\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2839\n[ 13 ] CVE-2011-2840\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2840\n[ 14 ] CVE-2011-2841\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2841\n[ 15 ] CVE-2011-2843\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2843\n[ 16 ] CVE-2011-2844\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2844\n[ 17 ] CVE-2011-2845\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2845\n[ 18 ] CVE-2011-2846\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2846\n[ 19 ] CVE-2011-2847\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2847\n[ 20 ] CVE-2011-2848\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2848\n[ 21 ] CVE-2011-2849\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2849\n[ 22 ] CVE-2011-2850\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2850\n[ 23 ] CVE-2011-2851\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2851\n[ 24 ] CVE-2011-2852\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2852\n[ 25 ] CVE-2011-2853\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2853\n[ 26 ] CVE-2011-2854\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2854\n[ 27 ] CVE-2011-2855\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2855\n[ 28 ] CVE-2011-2856\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2856\n[ 29 ] CVE-2011-2857\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2857\n[ 30 ] CVE-2011-2858\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2858\n[ 31 ] CVE-2011-2859\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2859\n[ 32 ] CVE-2011-2860\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2860\n[ 33 ] CVE-2011-2861\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2861\n[ 34 ] CVE-2011-2862\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2862\n[ 35 ] CVE-2011-2864\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2864\n[ 36 ] CVE-2011-2874\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2874\n[ 37 ] CVE-2011-3234\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3234\n[ 38 ] CVE-2011-3873\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3873\n[ 39 ] CVE-2011-3875\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3875\n[ 40 ] CVE-2011-3876\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3876\n[ 41 ] CVE-2011-3877\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3877\n[ 42 ] CVE-2011-3878\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3878\n[ 43 ] CVE-2011-3879\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3879\n[ 44 ] CVE-2011-3880\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3880\n[ 45 ] CVE-2011-3881\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3881\n[ 46 ] CVE-2011-3882\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3882\n[ 47 ] CVE-2011-3883\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3883\n[ 48 ] CVE-2011-3884\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3884\n[ 49 ] CVE-2011-3885\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3885\n[ 50 ] CVE-2011-3886\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3886\n[ 51 ] CVE-2011-3887\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3887\n[ 52 ] CVE-2011-3888\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3888\n[ 53 ] CVE-2011-3889\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3889\n[ 54 ] CVE-2011-3890\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3890\n[ 55 ] CVE-2011-3891\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3891\n[ 56 ] Release Notes 10.0.648.127\n http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html\n[ 57 ] Release Notes 10.0.648.133\n http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html\n[ 58 ] Release Notes 10.0.648.205\n http://googlechromereleases.blogspot.com/2011/04/stable-channel-update.html\n[ 59 ] Release Notes 11.0.696.57\n http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html\n[ 60 ] Release Notes 11.0.696.65\n http://googlechromereleases.blogspot.com/2011/05/beta-and-stable-channel-update.html\n[ 61 ] Release Notes 11.0.696.68\n http://googlechromereleases.blogspot.com/2011/05/stable-channel-update.html\n[ 62 ] Release Notes 11.0.696.71\n http://googlechromereleases.blogspot.com/2011/05/stable-channel-update_24.html\n[ 63 ] Release Notes 12.0.742.112\n http://googlechromereleases.blogspot.com/2011/06/stable-channel-update_28.html\n[ 64 ] Release Notes 12.0.742.91\n http://googlechromereleases.blogspot.com/2011/06/chrome-stable-release.html\n[ 65 ] Release Notes 13.0.782.107\n http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html\n[ 66 ] Release Notes 13.0.782.215\n http://googlechromereleases.blogspot.com/2011/08/stable-channel-update_22.html\n[ 67 ] Release Notes 13.0.782.220\n http://googlechromereleases.blogspot.com/2011/09/stable-channel-update.html\n[ 68 ] Release Notes 14.0.835.163\n http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html\n[ 69 ] Release Notes 14.0.835.202\n http://googlechromereleases.blogspot.com/2011/10/stable-channel-update.html\n[ 70 ] Release Notes 15.0.874.102\n http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html\n[ 71 ] Release Notes 8.0.552.237\n http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html\n[ 72 ] Release Notes 9.0.597.107\n http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_28.html\n[ 73 ] Release Notes 9.0.597.84\n http://googlechromereleases.blogspot.com/2011/02/stable-channel-update.html\n[ 74 ] Release Notes 9.0.597.94\n http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_08.html\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201111-01.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2011 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-2855"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002656"
},
{
"db": "BID",
"id": "49658"
},
{
"db": "VULHUB",
"id": "VHN-50800"
},
{
"db": "PACKETSTORM",
"id": "110716"
},
{
"db": "PACKETSTORM",
"id": "110590"
},
{
"db": "PACKETSTORM",
"id": "110591"
},
{
"db": "PACKETSTORM",
"id": "106471"
}
],
"trust": 2.34
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2011-2855",
"trust": 3.2
},
{
"db": "SECUNIA",
"id": "48377",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "48274",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "48288",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1026774",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "75557",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002656",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201109-301",
"trust": 0.7
},
{
"db": "JUNIPER",
"id": "JSA10658",
"trust": 0.3
},
{
"db": "BID",
"id": "49658",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-50800",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "110716",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "110590",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "110591",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "106471",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50800"
},
{
"db": "BID",
"id": "49658"
},
{
"db": "PACKETSTORM",
"id": "110716"
},
{
"db": "PACKETSTORM",
"id": "110590"
},
{
"db": "PACKETSTORM",
"id": "110591"
},
{
"db": "PACKETSTORM",
"id": "106471"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-301"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002656"
},
{
"db": "NVD",
"id": "CVE-2011-2855"
}
]
},
"id": "VAR-201109-0209",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-50800"
}
],
"trust": 0.01
},
"last_update_date": "2026-04-10T22:39:23.261000Z",
"patch": {
"_id": null,
"data": [
{
"title": "HT5190",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5190"
},
{
"title": "HT5191",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5191"
},
{
"title": "HT5192",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5192"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja\u0026hl=ja"
},
{
"title": "stable-channel-update_16",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html"
},
{
"title": "nacl",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=41604"
},
{
"title": "IronPortable",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=41603"
},
{
"title": "srware_iron",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=41605"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201109-301"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002656"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-74",
"trust": 1.1
},
{
"problemtype": "CWE-20",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50800"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002656"
},
{
"db": "NVD",
"id": "CVE-2011-2855"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.1,
"url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2012/mar/msg00000.html"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2012/mar/msg00001.html"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2012/mar/msg00003.html"
},
{
"trust": 1.7,
"url": "http://code.google.com/p/chromium/issues/detail?id=92959"
},
{
"trust": 1.7,
"url": "http://osvdb.org/75557"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a14485"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1026774"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/48274"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/48288"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/48377"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69882"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2855"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu428075/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu479643/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu341747/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-2855"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2847"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2855"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2854"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2846"
},
{
"trust": 0.3,
"url": "http://support.apple.com/kb/ht5504"
},
{
"trust": 0.3,
"url": "http://www.google.com/chrome"
},
{
"trust": 0.3,
"url": "https://blogs.oracle.com/sunsecurity/entry/multiple_denial_of_service_dos2"
},
{
"trust": 0.3,
"url": "/archive/1/520068"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10658\u0026cat=sirt_1\u0026actp=list"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100153798"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100156064"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100158911"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c03360041"
},
{
"trust": 0.3,
"url": "http://www.xerox.com/download/security/security-bulletin/16aeb-4cd3628b94080/cert_xrx12-009_v1.1.pdf"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2867"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3888"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2872"
},
{
"trust": 0.3,
"url": "http://support.apple.com/kb/ht1222"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2877"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2871"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2869"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2860"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3885"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2873"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2870"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2868"
},
{
"trust": 0.3,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2857"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3897"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2825"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3908"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3909"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2833"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3887"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0585"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3928"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0586"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3881"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2866"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0584"
},
{
"trust": 0.1,
"url": "http://www.apple.com/safari/download/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0592"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0595"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0596"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0594"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0591"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0593"
},
{
"trust": 0.1,
"url": "http://www.apple.com/itunes/download/"
},
{
"trust": 0.1,
"url": "https://www.apple.com/itunes/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3453"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2849"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2841"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/02/stable-channel-update.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2351"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2847"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3875"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3890"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2350"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3884"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2848"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2853"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2835"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2837"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3879"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3888"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2859"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3881"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3889"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2351"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2844"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2843"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3876"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/04/stable-channel-update.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2844"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2345"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2837"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2853"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2834"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2845"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/05/stable-channel-update.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3877"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2349"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3880"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201111-01.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2347"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2841"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2835"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2349"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2861"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2862"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2852"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2838"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/08/stable-channel-update_22.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2839"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2849"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2346"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update.html"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/05/stable-channel-update_24.html"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_28.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2858"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3891"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2855"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3887"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/06/stable-channel-update_28.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3878"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3873"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2840"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2854"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/10/stable-channel-update.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2850"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/05/beta-and-stable-channel-update.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2838"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2834"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/06/chrome-stable-release.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3883"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2851"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2840"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2857"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2851"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2856"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2346"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2347"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2846"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2348"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2850"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2852"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2856"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2874"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2348"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2864"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2350"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2345"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2860"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3234"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2845"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2848"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3886"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2839"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3882"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3885"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_08.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2843"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50800"
},
{
"db": "BID",
"id": "49658"
},
{
"db": "PACKETSTORM",
"id": "110716"
},
{
"db": "PACKETSTORM",
"id": "110590"
},
{
"db": "PACKETSTORM",
"id": "110591"
},
{
"db": "PACKETSTORM",
"id": "106471"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-301"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002656"
},
{
"db": "NVD",
"id": "CVE-2011-2855"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULHUB",
"id": "VHN-50800",
"ident": null
},
{
"db": "BID",
"id": "49658",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "110716",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "110590",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "110591",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "106471",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201109-301",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002656",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2011-2855",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2011-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-50800",
"ident": null
},
{
"date": "2011-09-16T00:00:00",
"db": "BID",
"id": "49658",
"ident": null
},
{
"date": "2012-03-13T00:58:40",
"db": "PACKETSTORM",
"id": "110716",
"ident": null
},
{
"date": "2012-03-08T22:22:22",
"db": "PACKETSTORM",
"id": "110590",
"ident": null
},
{
"date": "2012-03-08T22:23:23",
"db": "PACKETSTORM",
"id": "110591",
"ident": null
},
{
"date": "2011-11-01T15:58:39",
"db": "PACKETSTORM",
"id": "106471",
"ident": null
},
{
"date": "2011-09-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201109-301",
"ident": null
},
{
"date": "2011-11-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-002656",
"ident": null
},
{
"date": "2011-09-19T12:02:56.217000",
"db": "NVD",
"id": "CVE-2011-2855",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2020-05-08T00:00:00",
"db": "VULHUB",
"id": "VHN-50800",
"ident": null
},
{
"date": "2015-04-13T21:27:00",
"db": "BID",
"id": "49658",
"ident": null
},
{
"date": "2020-05-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201109-301",
"ident": null
},
{
"date": "2012-03-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-002656",
"ident": null
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2011-2855",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201109-301"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Used in multiple products Webkit Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-002656"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201109-301"
}
],
"trust": 0.6
}
}
VAR-201210-0053
Vulnerability from variot - Updated: 2026-04-10 22:38Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries. The vulnerability can be exploited over multiple protocols. This issue affects the 'Libraries' sub-component. This vulnerability affects the following supported versions: 7 Update 7, 6 Update 35, 5.0 Update 36, 1.4.2_38. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
APPLE-SA-2012-10-16-1 Java for OS X 2012-006 and Java for Mac OS X 10.6 Update 11
Java for OS X 2012-006 and Java for Mac OS X 10.6 Update 11 are now available and address the following:
Java Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later Impact: Multiple vulnerabilities in Java 1.6.0_35 Description: Multiple vulnerabilities exist in Java 1.6.0_35, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_37. Further information is available via the Java website at http://www.o racle.com/technetwork/java/javase/releasenotes-136954.html CVE-ID CVE-2012-1531 CVE-2012-1532 CVE-2012-1533 CVE-2012-3143 CVE-2012-3159 CVE-2012-3216 CVE-2012-4416 CVE-2012-5068 CVE-2012-5069 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5075 CVE-2012-5077 CVE-2012-5081 CVE-2012-5083 CVE-2012-5084 CVE-2012-5086 CVE-2012-5089 CVE-2012-5979
Java for OS X 2012-006 and Java for Mac OS X 10.6 Update 11 may be obtained from the Software Update pane in System Preferences, Mac App Store, or Apple's Software Downloads web site: http://www.apple.com/support/downloads/
For Mac OS X v10.6 systems The download file is named: JavaForMacOSX10.6.dmg Its SHA-1 digest is: 2ca7594a6f7849b502715e8473cf46ef73570da6
For OS X Lion and Mountain Lion systems The download file is named: JavaForOSX.dmg Its SHA-1 digest is: eff777cdc39b4e3336b3477f60e8ad769ded8532
Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org
iQIcBAEBAgAGBQJQfZ+bAAoJEPefwLHPlZEwF+YP/iVGN+CqCkLf7SavQUwyTQ08 a6+I34hefvCQcLCQ4EBYOzDXUJIlcH2azcGnvQsrrgWgpoE6ykqyj4fkpwLM0nF1 CfcSGOV8hmC2ZtR2PgJLcaP4FDKyNoOqLtKY6KtZnUQNcKBYcdM/y3OON9Zc0F2/ m/nQGnm3RfuXYXzSmTwJVKjuR1MkhUfZ9N6cwYUfjQC6cQaRs4tjeezd1jaobeXZ lfk5Mo/kp3KTwAKsjdwqIThGX/UXdHQm9PnGfU9ktNv0429vKTX4VarPjyLsIeiO GcBjfzRKzWYrbzTyKqKRAmtC/TcTnGJ8AfOjCP6HedeelJEbHB3iBb4ugqHzcPGG ffZ9rZy8SMVppJyv3NeJJN86Kl3etdShmhj7maxyQUopDanpZQraaarkNlSYyLql I0z4/IGX6W4Y2HYI+5wRchSewZi9mU9tw1HFZaoINaPBynEC0jihbeT5P9olX7mL 1OrWyPMPeaXtD9VRaSlV1WwPojJp26XrcWFUu6gqCOWRTzL0h83hNJrQJwTW7PrT g6ryifMGItMkmOuINyniuUbz1PcOiQZ5VhtQn8XbvjX4BpGS6GJ4IAJ0rv9nSeON PGv6JcpEAdjEdsChnDTGGTyUzQSN+HU/KTd7Jngg/Bu1v96ZAqrmVzFVkZi+6dtN 8KhhmiZ54RdiudmsUgFu =TWGY -----END PGP SIGNATURE----- .
Background
IcedTea is a distribution of the Java OpenJDK source code built with free build tools. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c03596813
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c03596813 Version: 1
HPSBOV02833 SSRT101043 rev.1 - OpenVMS running Java on Integrity Servers, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2013-01-07 Last Updated: 2013-01-07
Potential Security Impact: Remote unauthorized access, disclosure of information, and other vulnerabilities
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on OpenVMS Integrity Servers. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other exploits. OpenVMS Integrity JDK and JRE 6.0-3.p1 and earlier.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2012-1531 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-1532 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-1533 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-3143 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-3159 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2012-3216 (AV:N/AC:H/Au:N/C:P/I:N/A:N) 2.6 CVE-2012-4416 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2012-5068 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2012-5069 (AV:N/AC:M/Au:N/C:P/I:P/A:N) 5.8 CVE-2012-5071 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2012-5072 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2012-5073 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2012-5075 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2012-5077 (AV:N/AC:H/Au:N/C:P/I:N/A:N) 2.6 CVE-2012-5079 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2012-5081 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2012-5083 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-5084 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2012-5085 (AV:N/AC:M/Au:S/C:N/I:N/A:N) 0.0 CVE-2012-5086 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-5087 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-5089 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has made the following software updates available to resolve these vulnerabilities.
The updates are available from the following location:
http://h18012.www1.hp.com/java/alpha
Kit Name
Java SE Development Kit (JDK) 6.0-4 for the OpenVMS I64 Operating System
Java SE Runtime Environment (JRE) 6.0-4 for the OpenVMS I64 Operating System
HISTORY Version:1 (rev.1) - 7 January 2013 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c02964430
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2013 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. Customers are advised to migrate to later versions of Java at this time. In cases where it is not feasible to move to a later version of supported Java, customers are advised to contact IBM to evaluate other options. In a typical operating environment, these are of low security risk as the runtime is not used on untrusted applets. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201401-30
http://security.gentoo.org/
Severity: High Title: Oracle JRE/JDK: Multiple vulnerabilities Date: January 27, 2014 Bugs: #404071, #421073, #433094, #438706, #451206, #455174, #458444, #460360, #466212, #473830, #473980, #488210, #498148 ID: 201401-30
Synopsis
Multiple vulnerabilities have been found in the Oracle JRE/JDK, allowing attackers to cause unspecified impact.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-java/sun-jdk <= 1.6.0.45 Vulnerable! 2 dev-java/oracle-jdk-bin < 1.7.0.51 >= 1.7.0.51 * 3 dev-java/sun-jre-bin <= 1.6.0.45 Vulnerable! 4 dev-java/oracle-jre-bin < 1.7.0.51 >= 1.7.0.51 * 5 app-emulation/emul-linux-x86-java < 1.7.0.51 >= 1.7.0.51 * ------------------------------------------------------------------- NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers. ------------------------------------------------------------------- NOTE: Packages marked with asterisks require manual intervention! ------------------------------------------------------------------- 5 affected packages
Description
Multiple vulnerabilities have been reported in the Oracle Java implementation. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Oracle JDK 1.7 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=dev-java/oracle-jdk-bin-1.7.0.51"
All Oracle JRE 1.7 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=dev-java/oracle-jre-bin-1.7.0.51"
All users of the precompiled 32-bit Oracle JRE should upgrade to the latest version:
# emerge --sync # emerge -a -1 -v ">=app-emulation/emul-linux-x86-java-1.7.0.51"
All Sun Microsystems JDK/JRE 1.6 users are suggested to upgrade to one of the newer Oracle packages like dev-java/oracle-jdk-bin or dev-java/oracle-jre-bin or choose another alternative we provide; eg. the IBM JDK/JRE or the open source IcedTea.
References
[ 1 ] CVE-2011-3563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563 [ 2 ] CVE-2011-5035 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035 [ 3 ] CVE-2012-0497 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497 [ 4 ] CVE-2012-0498 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0498 [ 5 ] CVE-2012-0499 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0499 [ 6 ] CVE-2012-0500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0500 [ 7 ] CVE-2012-0501 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501 [ 8 ] CVE-2012-0502 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502 [ 9 ] CVE-2012-0503 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503 [ 10 ] CVE-2012-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0504 [ 11 ] CVE-2012-0505 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505 [ 12 ] CVE-2012-0506 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506 [ 13 ] CVE-2012-0507 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0507 [ 14 ] CVE-2012-0547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547 [ 15 ] CVE-2012-1531 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1531 [ 16 ] CVE-2012-1532 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1532 [ 17 ] CVE-2012-1533 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1533 [ 18 ] CVE-2012-1541 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1541 [ 19 ] CVE-2012-1682 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1682 [ 20 ] CVE-2012-1711 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711 [ 21 ] CVE-2012-1713 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713 [ 22 ] CVE-2012-1716 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716 [ 23 ] CVE-2012-1717 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717 [ 24 ] CVE-2012-1718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718 [ 25 ] CVE-2012-1719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719 [ 26 ] CVE-2012-1721 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1721 [ 27 ] CVE-2012-1722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1722 [ 28 ] CVE-2012-1723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723 [ 29 ] CVE-2012-1724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724 [ 30 ] CVE-2012-1725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725 [ 31 ] CVE-2012-1726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726 [ 32 ] CVE-2012-3136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3136 [ 33 ] CVE-2012-3143 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3143 [ 34 ] CVE-2012-3159 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3159 [ 35 ] CVE-2012-3174 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3174 [ 36 ] CVE-2012-3213 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3213 [ 37 ] CVE-2012-3216 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216 [ 38 ] CVE-2012-3342 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3342 [ 39 ] CVE-2012-4416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416 [ 40 ] CVE-2012-4681 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4681 [ 41 ] CVE-2012-5067 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5067 [ 42 ] CVE-2012-5068 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068 [ 43 ] CVE-2012-5069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069 [ 44 ] CVE-2012-5070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070 [ 45 ] CVE-2012-5071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071 [ 46 ] CVE-2012-5072 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072 [ 47 ] CVE-2012-5073 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073 [ 48 ] CVE-2012-5074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074 [ 49 ] CVE-2012-5075 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075 [ 50 ] CVE-2012-5076 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076 [ 51 ] CVE-2012-5077 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077 [ 52 ] CVE-2012-5079 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5079 [ 53 ] CVE-2012-5081 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081 [ 54 ] CVE-2012-5083 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5083 [ 55 ] CVE-2012-5084 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084 [ 56 ] CVE-2012-5085 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085 [ 57 ] CVE-2012-5086 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086 [ 58 ] CVE-2012-5087 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087 [ 59 ] CVE-2012-5088 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5088 [ 60 ] CVE-2012-5089 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089 [ 61 ] CVE-2013-0169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169 [ 62 ] CVE-2013-0351 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0351 [ 63 ] CVE-2013-0401 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401 [ 64 ] CVE-2013-0402 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0402 [ 65 ] CVE-2013-0409 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0409 [ 66 ] CVE-2013-0419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0419 [ 67 ] CVE-2013-0422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0422 [ 68 ] CVE-2013-0423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0423 [ 69 ] CVE-2013-0430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0430 [ 70 ] CVE-2013-0437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0437 [ 71 ] CVE-2013-0438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0438 [ 72 ] CVE-2013-0445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0445 [ 73 ] CVE-2013-0446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0446 [ 74 ] CVE-2013-0448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0448 [ 75 ] CVE-2013-0449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0449 [ 76 ] CVE-2013-0809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809 [ 77 ] CVE-2013-1473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1473 [ 78 ] CVE-2013-1479 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1479 [ 79 ] CVE-2013-1481 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1481 [ 80 ] CVE-2013-1484 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484 [ 81 ] CVE-2013-1485 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485 [ 82 ] CVE-2013-1486 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486 [ 83 ] CVE-2013-1487 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1487 [ 84 ] CVE-2013-1488 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488 [ 85 ] CVE-2013-1491 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1491 [ 86 ] CVE-2013-1493 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493 [ 87 ] CVE-2013-1500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500 [ 88 ] CVE-2013-1518 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518 [ 89 ] CVE-2013-1537 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537 [ 90 ] CVE-2013-1540 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1540 [ 91 ] CVE-2013-1557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557 [ 92 ] CVE-2013-1558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1558 [ 93 ] CVE-2013-1561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1561 [ 94 ] CVE-2013-1563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1563 [ 95 ] CVE-2013-1564 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1564 [ 96 ] CVE-2013-1569 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569 [ 97 ] CVE-2013-1571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571 [ 98 ] CVE-2013-2383 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383 [ 99 ] CVE-2013-2384 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384 [ 100 ] CVE-2013-2394 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2394 [ 101 ] CVE-2013-2400 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2400 [ 102 ] CVE-2013-2407 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407 [ 103 ] CVE-2013-2412 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412 [ 104 ] CVE-2013-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2414 [ 105 ] CVE-2013-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415 [ 106 ] CVE-2013-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2416 [ 107 ] CVE-2013-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417 [ 108 ] CVE-2013-2418 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2418 [ 109 ] CVE-2013-2419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419 [ 110 ] CVE-2013-2420 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420 [ 111 ] CVE-2013-2421 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421 [ 112 ] CVE-2013-2422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422 [ 113 ] CVE-2013-2423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423 [ 114 ] CVE-2013-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424 [ 115 ] CVE-2013-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2425 [ 116 ] CVE-2013-2426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426 [ 117 ] CVE-2013-2427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2427 [ 118 ] CVE-2013-2428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2428 [ 119 ] CVE-2013-2429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429 [ 120 ] CVE-2013-2430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430 [ 121 ] CVE-2013-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431 [ 122 ] CVE-2013-2432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2432 [ 123 ] CVE-2013-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2433 [ 124 ] CVE-2013-2434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2434 [ 125 ] CVE-2013-2435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2435 [ 126 ] CVE-2013-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436 [ 127 ] CVE-2013-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2437 [ 128 ] CVE-2013-2438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2438 [ 129 ] CVE-2013-2439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2439 [ 130 ] CVE-2013-2440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2440 [ 131 ] CVE-2013-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2442 [ 132 ] CVE-2013-2443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443 [ 133 ] CVE-2013-2444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444 [ 134 ] CVE-2013-2445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445 [ 135 ] CVE-2013-2446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446 [ 136 ] CVE-2013-2447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447 [ 137 ] CVE-2013-2448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448 [ 138 ] CVE-2013-2449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449 [ 139 ] CVE-2013-2450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450 [ 140 ] CVE-2013-2451 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451 [ 141 ] CVE-2013-2452 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452 [ 142 ] CVE-2013-2453 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453 [ 143 ] CVE-2013-2454 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454 [ 144 ] CVE-2013-2455 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455 [ 145 ] CVE-2013-2456 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456 [ 146 ] CVE-2013-2457 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457 [ 147 ] CVE-2013-2458 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458 [ 148 ] CVE-2013-2459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459 [ 149 ] CVE-2013-2460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460 [ 150 ] CVE-2013-2461 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461 [ 151 ] CVE-2013-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2462 [ 152 ] CVE-2013-2463 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463 [ 153 ] CVE-2013-2464 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2464 [ 154 ] CVE-2013-2465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465 [ 155 ] CVE-2013-2466 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2466 [ 156 ] CVE-2013-2467 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2467 [ 157 ] CVE-2013-2468 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2468 [ 158 ] CVE-2013-2469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469 [ 159 ] CVE-2013-2470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470 [ 160 ] CVE-2013-2471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471 [ 161 ] CVE-2013-2472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472 [ 162 ] CVE-2013-2473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473 [ 163 ] CVE-2013-3743 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3743 [ 164 ] CVE-2013-3744 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3744 [ 165 ] CVE-2013-3829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829 [ 166 ] CVE-2013-5772 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772 [ 167 ] CVE-2013-5774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774 [ 168 ] CVE-2013-5775 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5775 [ 169 ] CVE-2013-5776 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5776 [ 170 ] CVE-2013-5777 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5777 [ 171 ] CVE-2013-5778 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778 [ 172 ] CVE-2013-5780 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780 [ 173 ] CVE-2013-5782 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782 [ 174 ] CVE-2013-5783 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783 [ 175 ] CVE-2013-5784 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784 [ 176 ] CVE-2013-5787 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5787 [ 177 ] CVE-2013-5788 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5788 [ 178 ] CVE-2013-5789 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5789 [ 179 ] CVE-2013-5790 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790 [ 180 ] CVE-2013-5797 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797 [ 181 ] CVE-2013-5800 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800 [ 182 ] CVE-2013-5801 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5801 [ 183 ] CVE-2013-5802 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802 [ 184 ] CVE-2013-5803 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803 [ 185 ] CVE-2013-5804 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804 [ 186 ] CVE-2013-5805 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805 [ 187 ] CVE-2013-5806 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806 [ 188 ] CVE-2013-5809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809 [ 189 ] CVE-2013-5810 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5810 [ 190 ] CVE-2013-5812 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5812 [ 191 ] CVE-2013-5814 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814 [ 192 ] CVE-2013-5817 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817 [ 193 ] CVE-2013-5818 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5818 [ 194 ] CVE-2013-5819 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5819 [ 195 ] CVE-2013-5820 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820 [ 196 ] CVE-2013-5823 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823 [ 197 ] CVE-2013-5824 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5824 [ 198 ] CVE-2013-5825 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825 [ 199 ] CVE-2013-5829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829 [ 200 ] CVE-2013-5830 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830 [ 201 ] CVE-2013-5831 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5831 [ 202 ] CVE-2013-5832 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5832 [ 203 ] CVE-2013-5838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5838 [ 204 ] CVE-2013-5840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840 [ 205 ] CVE-2013-5842 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842 [ 206 ] CVE-2013-5843 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5843 [ 207 ] CVE-2013-5844 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5844 [ 208 ] CVE-2013-5846 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5846 [ 209 ] CVE-2013-5848 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5848 [ 210 ] CVE-2013-5849 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849 [ 211 ] CVE-2013-5850 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850 [ 212 ] CVE-2013-5851 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851 [ 213 ] CVE-2013-5852 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5852 [ 214 ] CVE-2013-5854 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5854 [ 215 ] CVE-2013-5870 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5870 [ 216 ] CVE-2013-5878 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5878 [ 217 ] CVE-2013-5887 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5887 [ 218 ] CVE-2013-5888 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5888 [ 219 ] CVE-2013-5889 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5889 [ 220 ] CVE-2013-5893 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5893 [ 221 ] CVE-2013-5895 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5895 [ 222 ] CVE-2013-5896 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5896 [ 223 ] CVE-2013-5898 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5898 [ 224 ] CVE-2013-5899 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5899 [ 225 ] CVE-2013-5902 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5902 [ 226 ] CVE-2013-5904 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5904 [ 227 ] CVE-2013-5905 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5905 [ 228 ] CVE-2013-5906 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5906 [ 229 ] CVE-2013-5907 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5907 [ 230 ] CVE-2013-5910 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5910 [ 231 ] CVE-2014-0368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0368 [ 232 ] CVE-2014-0373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0373 [ 233 ] CVE-2014-0375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0375 [ 234 ] CVE-2014-0376 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0376 [ 235 ] CVE-2014-0382 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0382 [ 236 ] CVE-2014-0385 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0385 [ 237 ] CVE-2014-0387 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0387 [ 238 ] CVE-2014-0403 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0403 [ 239 ] CVE-2014-0408 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0408 [ 240 ] CVE-2014-0410 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0410 [ 241 ] CVE-2014-0411 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0411 [ 242 ] CVE-2014-0415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0415 [ 243 ] CVE-2014-0416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0416 [ 244 ] CVE-2014-0417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0417 [ 245 ] CVE-2014-0418 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0418 [ 246 ] CVE-2014-0422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0422 [ 247 ] CVE-2014-0423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0423 [ 248 ] CVE-2014-0424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0424 [ 249 ] CVE-2014-0428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0428
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201401-30.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . (CVE-2012-5085)
Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: java-1.7.0-openjdk security update Advisory ID: RHSA-2012:1386-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1386.html Issue date: 2012-10-17 CVE Names: CVE-2012-3216 CVE-2012-4416 CVE-2012-5068 CVE-2012-5069 CVE-2012-5070 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5074 CVE-2012-5075 CVE-2012-5076 CVE-2012-5077 CVE-2012-5079 CVE-2012-5081 CVE-2012-5084 CVE-2012-5085 CVE-2012-5086 CVE-2012-5087 CVE-2012-5088 CVE-2012-5089 =====================================================================
- Summary:
Updated java-1.7.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, noarch, x86_64
- Description:
These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit.
Multiple improper permission check issues were discovered in the Beans, Libraries, Swing, and JMX components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2012-5086, CVE-2012-5087, CVE-2012-5088, CVE-2012-5084, CVE-2012-5089)
The default Java security properties configuration did not restrict access to certain com.sun.org.glassfish packages. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. This update lists those packages as restricted. (CVE-2012-5076, CVE-2012-5074)
Multiple improper permission check issues were discovered in the Scripting, JMX, Concurrency, Libraries, and Security components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2012-5068, CVE-2012-5071, CVE-2012-5069, CVE-2012-5073, CVE-2012-5072)
It was discovered that java.util.ServiceLoader could create an instance of an incompatible class while performing provider lookup. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2012-5079)
It was discovered that the Java Secure Socket Extension (JSSE) SSL/TLS implementation did not properly handle handshake records containing an overly large data length value. An unauthenticated, remote attacker could possibly use this flaw to cause an SSL/TLS server to terminate with an exception. (CVE-2012-5081)
It was discovered that the JMX component in OpenJDK could perform certain actions in an insecure manner. An untrusted Java application or applet could possibly use these flaws to disclose sensitive information. (CVE-2012-5070, CVE-2012-5075)
A bug in the Java HotSpot Virtual Machine optimization code could cause it to not perform array initialization in certain cases. An untrusted Java application or applet could use this flaw to disclose portions of the virtual machine's memory. (CVE-2012-4416)
It was discovered that the SecureRandom class did not properly protect against the creation of multiple seeders. An untrusted Java application or applet could possibly use this flaw to disclose sensitive information. (CVE-2012-5077)
It was discovered that the java.io.FilePermission class exposed the hash code of the canonicalized path name. An untrusted Java application or applet could possibly use this flaw to determine certain system paths, such as the current working directory. (CVE-2012-3216)
This update disables Gopher protocol support in the java.net package by default. Gopher support can be enabled by setting the newly introduced property, "jdk.net.registerGopherProtocol", to true. (CVE-2012-5085)
This erratum also upgrades the OpenJDK package to IcedTea7 2.3.3. Refer to the NEWS file, linked to in the References, for further information.
All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258
- Bugs fixed (http://bugzilla.redhat.com/):
856124 - CVE-2012-4416 OpenJDK: uninitialized Array JVM memory disclosure (Hotspot, 7198606) 865346 - CVE-2012-3216 OpenJDK: java.io.FilePermission information leak (Libraries, 6631398) 865348 - CVE-2012-5068 OpenJDK: RhinoScriptEngine security bypass (Scripting, 7143535) 865350 - CVE-2012-5070 OpenJDK: EnvHelp information disclosure (JMX, 7158796) 865352 - CVE-2012-5076 OpenJDK: com.sun.org.glassfish. not restricted packages (JAX-WS, 7163198) 865354 - CVE-2012-5077 OpenJDK: SecureRandom mulitple seeders information disclosure (Security, 7167656) 865357 - CVE-2012-5073 OpenJDK: LogManager security bypass (Libraries, 7169884) 865359 - CVE-2012-5074 OpenJDK: com.sun.org.glassfish. not restricted packages (JAX-WS, 7169887) 865363 - CVE-2012-5075 OpenJDK: RMIConnectionImpl information disclosure (JMX, 7169888) 865365 - CVE-2012-5072 OpenJDK: AccessController.doPrivilegedWithCombiner() information disclosure (Security, 7172522) 865370 - CVE-2012-5081 OpenJDK: JSSE denial of service (JSSE, 7186286) 865428 - CVE-2012-5086 OpenJDK: XMLDecoder sandbox restriction bypass (Beans, 7195917) 865434 - CVE-2012-5087 OpenJDK: PropertyElementHandler insufficient access checks (Beans, 7195549) 865471 - CVE-2012-5088 OpenJDK: MethodHandle insufficient access control checks (Libraries, 7196190) 865511 - CVE-2012-5084 OpenJDK: DefaultFormatter insufficient data validation (Swing, 7195194) 865514 - CVE-2012-5089 OpenJDK: RMIConnectionImpl insufficient access control checks (JMX, 7198296) 865519 - CVE-2012-5071 OpenJDK: DescriptorSupport insufficient package access checks (JMX, 7192975) 865531 - CVE-2012-5069 OpenJDK: Executors state handling issues (Concurrency, 7189103) 865541 - CVE-2012-5085 OpenJDK: disable Gopher support by default (Gopher, 7189567) 865568 - CVE-2012-5079 OpenJDK: ServiceLoader reject not subtype classes without instantiating (Libraries, 7195919)
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm
i386: java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm
x86_64: java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm
i386: java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.i686.rpm
noarch: java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.3.el6_3.1.noarch.rpm
x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm
noarch: java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.3.el6_3.1.noarch.rpm
x86_64: java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm
i386: java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm
x86_64: java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm
i386: java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.i686.rpm
noarch: java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.3.el6_3.1.noarch.rpm
x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm
i386: java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm
x86_64: java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm
i386: java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.i686.rpm
noarch: java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.3.el6_3.1.noarch.rpm
x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2012-3216.html https://www.redhat.com/security/data/cve/CVE-2012-4416.html https://www.redhat.com/security/data/cve/CVE-2012-5068.html https://www.redhat.com/security/data/cve/CVE-2012-5069.html https://www.redhat.com/security/data/cve/CVE-2012-5070.html https://www.redhat.com/security/data/cve/CVE-2012-5071.html https://www.redhat.com/security/data/cve/CVE-2012-5072.html https://www.redhat.com/security/data/cve/CVE-2012-5073.html https://www.redhat.com/security/data/cve/CVE-2012-5074.html https://www.redhat.com/security/data/cve/CVE-2012-5075.html https://www.redhat.com/security/data/cve/CVE-2012-5076.html https://www.redhat.com/security/data/cve/CVE-2012-5077.html https://www.redhat.com/security/data/cve/CVE-2012-5079.html https://www.redhat.com/security/data/cve/CVE-2012-5081.html https://www.redhat.com/security/data/cve/CVE-2012-5084.html https://www.redhat.com/security/data/cve/CVE-2012-5085.html https://www.redhat.com/security/data/cve/CVE-2012-5086.html https://www.redhat.com/security/data/cve/CVE-2012-5087.html https://www.redhat.com/security/data/cve/CVE-2012-5088.html https://www.redhat.com/security/data/cve/CVE-2012-5089.html https://access.redhat.com/security/updates/classification/#important http://icedtea.classpath.org/hg/release/icedtea7-2.3/file/icedtea-2.3.3/NEWS http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFQftouXlSAg2UNWIIRAu4QAJ9oluAxlU3ZC8CvezRk4Erm08HD+QCeNlqf GG07IH3dgJiG+gj47Cm1WNQ= =8X+P -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.6,
"vendor": "oracle",
"version": "1.6.0"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.6,
"vendor": "oracle",
"version": "1.6.0"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_25"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_3"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_33"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_22"
},
{
"_id": null,
"model": "jdk",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_13"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_7"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_12"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_30"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_25"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_3"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_36"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_19"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_22"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_26"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_30"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_15"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_27"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_34"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_26"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.6.0"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_14"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "jdk",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1.5.0"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_27"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_34"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.6.0"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_14"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_5"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_18"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_7"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_5"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_17"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1.5.0"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.6.0.200"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_2"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_18"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_1"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_35"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_16"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_4"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_23"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_17"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_15"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_32"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_2"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_11"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_10"
},
{
"_id": null,
"model": "jdk",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1.6.0"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_29"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_35"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_33"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_23"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_6"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_21"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_13"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_32"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_10"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.6.0.210"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_29"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_9"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_36"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_28"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_6"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_19"
},
{
"_id": null,
"model": "jdk",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1.4.2_38"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1.6.0"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_8"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_9"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_20"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_28"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_37"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_24"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_31"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_8"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_1"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_16"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1.4.2_38"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_37"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_4"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_12"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_11"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_31"
},
{
"_id": null,
"model": "jre 1.6.0 03",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 17",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "sdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jre 1.6.0 30",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "sdk 1.4.2 30",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "sdk 1.4.2 31",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "sdk 1.4.2 25",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "sdk 24",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jdk 1.5.0 32",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jre 15",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 1.4.2 30",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 17",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 1.6.0 18",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "sdk 1.4.2 27",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 35",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 16",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 22",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "sdk 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jdk 1.6.0 28",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 1.6.0 21",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 20",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jre 1.6.0 32",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 25",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.4.2 25",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 1.6.0 35",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jre 1.5.0 31",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jdk 1.6.0 18",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 27",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 1.6.0 19",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 23",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "sdk 1.4.2 22",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 18",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 1.6.0 03",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 17",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "sdk 1.4.2 11",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "sdk 1.4.2 38",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 2",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 1.7.0 2",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.4.2 32",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 20",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "sdk 1.4.2 28",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 12",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 14",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "sdk 1.4.2 14",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 36",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "sdk 1.4.2 29",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.4.2 22",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 1.6.0 25",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 35",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 32",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 36",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 11",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 27",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.4.2 35",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "sdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jre 1.4.2 12",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 14",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 24",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jdk 1.6.0 15",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.4.2 14",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jdk 1.6.0 30",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 16",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 1.5.0 25",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "sdk 1.4.2 12",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jre 1.5.0 26",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 33",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 7",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.4.2 19",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.4.2 18",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.4.2 13",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.7"
},
{
"_id": null,
"model": "sdk 1.4.2 35",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 1.4.2 11",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 02",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 1.6.0 23",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jre 1.6.0 01",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "sdk 15",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jdk 1.7.0 4",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 28",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "sdk 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jre 1.4.2 31",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 1.6.0 19",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jre 1.4.2 38",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 15",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 22",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 1.4.2 15",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jdk 1.5.0 20",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "sdk 1.4.2 26",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.4.2 29",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 29",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jre 1.6.0 28",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 23",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 11",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "sdk 1.4.2 37",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 35",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 17",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "sdk 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jre 1.4.2 20",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 23",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 1.7.0 7",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.4.2 17",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 32",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 02",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 27",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 13",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 10",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 28",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 1.7.0 4",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "sdk 1.4.2 20",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 1.4.2 33",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 26",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 30",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 33",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 26",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 21",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 24",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 25",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "sdk 1.4.2 18",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 27",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 22",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 1.4.2 16",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "sdk 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jdk 18",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 0.9,
"vendor": "oracle",
"version": "1.7"
},
{
"_id": null,
"model": "jre 1.4.2 37",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "sdk 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "sdk 1.4.2 16",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "sdk 1.4.2 17",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "sdk 1.4.2 19",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 26",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 22",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 24",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "sdk 1.4.2 13",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 29",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 31",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 30",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 15",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "sdk 1.4.2 33",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "sdk 1.4.2 32",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk .0 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 0 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 1.5.0 13",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 24",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6.8"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.7 and later"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.8 and later"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6.8"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.7 and later"
},
{
"_id": null,
"model": "jdk",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "5.0 update 36"
},
{
"_id": null,
"model": "jdk",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "6 update 35"
},
{
"_id": null,
"model": "jdk",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7 update 7"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "1.4.2_38"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "5.0 update 36"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "6 update 35"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7 update 7"
},
{
"_id": null,
"model": "sdk",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "1.4.2_38"
},
{
"_id": null,
"model": "cosminexus application server enterprise",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"_id": null,
"model": "cosminexus application server standard",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"_id": null,
"model": "cosminexus application server version 5",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus client",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"_id": null,
"model": "cosminexus developer light version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus developer professional version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus developer standard version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus developer version 5",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus developer\u0027s kit for java",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus primary server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "base"
},
{
"_id": null,
"model": "cosminexus server - standard edition",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 4"
},
{
"_id": null,
"model": "cosminexus server - web edition version 4",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus studio",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- standard edition version 4"
},
{
"_id": null,
"model": "cosminexus studio",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- web edition version 4"
},
{
"_id": null,
"model": "cosminexus studio",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 5"
},
{
"_id": null,
"model": "hirdb for java /xml",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "developer\u0027s kit for java",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "processing kit for xml",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "-r"
},
{
"_id": null,
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "express"
},
{
"_id": null,
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "light"
},
{
"_id": null,
"model": "ucosminexus application server enterprise",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server smart edition",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"_id": null,
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "-r"
},
{
"_id": null,
"model": "ucosminexus client",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"_id": null,
"model": "ucosminexus client",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "for plug-in"
},
{
"_id": null,
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "01"
},
{
"_id": null,
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional"
},
{
"_id": null,
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional for plug-in"
},
{
"_id": null,
"model": "ucosminexus developer light",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus developer standard",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus operator",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus portal framework",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "entry set"
},
{
"_id": null,
"model": "ucosminexus primary server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "base"
},
{
"_id": null,
"model": "ucosminexus server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "standard-r"
},
{
"_id": null,
"model": "ucosminexus service architect",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"_id": null,
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- messaging"
},
{
"_id": null,
"model": "jdk 1.5.0.0 11",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0.0 09",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 11-b03",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 1.5.0 12",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.4.2 28",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk .0 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 01-b06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk .0 03",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 1.5.0.0 08",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0.0 09",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0.0 07",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 2",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 01",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.4.2 27",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 07-b03",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 1.5.0.0 08",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 20",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0.0 12",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "icedtea",
"scope": "ne",
"trust": 0.3,
"vendor": "icedtea",
"version": "1.10.10"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "icedtea",
"scope": "ne",
"trust": 0.3,
"vendor": "icedtea",
"version": "1.11.5"
},
{
"_id": null,
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6)5.5"
},
{
"_id": null,
"model": "antivirus update19",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "1.5.0"
},
{
"_id": null,
"model": "nonstop server h06.16.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.19.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "rational build forge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.21"
},
{
"_id": null,
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "1.4.225"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.10"
},
{
"_id": null,
"model": "jdk 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "nonstop server j06.08.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.15.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "icedtea",
"scope": "ne",
"trust": 0.3,
"vendor": "icedtea",
"version": "2.3.3"
},
{
"_id": null,
"model": "rational build forge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.34"
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.11"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.06"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "nonstop server j06.06.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "rational build forge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3"
},
{
"_id": null,
"model": "nonstop server j06.14",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "sdk 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "antivirus update17",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "1.5.0"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "nonstop server j06.09.03",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "antivirus update",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "1.6.06"
},
{
"_id": null,
"model": "nonstop server h06.26",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "icedtea",
"scope": "eq",
"trust": 0.3,
"vendor": "icedtea",
"version": "2.3.2"
},
{
"_id": null,
"model": "nonstop server j06.04.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "aura system platform sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5)5.5"
},
{
"_id": null,
"model": "nonstop server j06.13",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.10"
},
{
"_id": null,
"model": "linux enterprise server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "nonstop server j06.09.04",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "ucosminexus operator",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"_id": null,
"model": "linux enterprise server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.10"
},
{
"_id": null,
"model": "jre 27",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "rational host on-demand",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0.6.1"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.0.3"
},
{
"_id": null,
"model": "tivoli monitoring",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.1"
},
{
"_id": null,
"model": "nonstop server h06.18.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.15.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "rational build forge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.35"
},
{
"_id": null,
"model": "nonstop server h06.22.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "openjdk",
"scope": "eq",
"trust": 0.3,
"vendor": "openjdk",
"version": "7"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.014"
},
{
"_id": null,
"model": "nonstop server j06.12.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "esx",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.5"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1"
},
{
"_id": null,
"model": "nonstop server j06.05.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.011"
},
{
"_id": null,
"model": "antivirus update",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "1.6.02"
},
{
"_id": null,
"model": "nonstop server j06.08.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.09.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "cosminexus studio",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "4.0"
},
{
"_id": null,
"model": "jdk update14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "antivirus update23",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "1.5.0"
},
{
"_id": null,
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "1.4.220"
},
{
"_id": null,
"model": "websphere message broker",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.3"
},
{
"_id": null,
"model": "cosminexus",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "8.0"
},
{
"_id": null,
"model": "jdk update24",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "antivirus update",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "1.6.01"
},
{
"_id": null,
"model": "nonstop server j06.16",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "rational performance tester",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3.0.1"
},
{
"_id": null,
"model": "websphere operational decision management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.0"
},
{
"_id": null,
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"_id": null,
"model": "nonstop server j6.0.14.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "vcenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "freeflow print server 73.c0.41",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"_id": null,
"model": "websphere message broker",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.1"
},
{
"_id": null,
"model": "antivirus update",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "1.6.011"
},
{
"_id": null,
"model": "ucosminexus client",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"_id": null,
"model": "enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "websphere message broker",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.2"
},
{
"_id": null,
"model": "antivirus update14",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "1.5.0"
},
{
"_id": null,
"model": "enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "ucosminexus service architect",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"_id": null,
"model": "icedtea",
"scope": "eq",
"trust": 0.3,
"vendor": "icedtea",
"version": "1.11.4"
},
{
"_id": null,
"model": "icedtea",
"scope": "ne",
"trust": 0.3,
"vendor": "icedtea",
"version": "2.1.3"
},
{
"_id": null,
"model": "jdk 1.5.0 11",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk and jre for openvms integrity servers 6.0-3.p1",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "vcenter server update",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.11"
},
{
"_id": null,
"model": "antivirus update22",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "1.5.0"
},
{
"_id": null,
"model": "antivirus update24",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "1.5.0"
},
{
"_id": null,
"model": "nonstop server j06.07.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2011"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "nonstop server j06.09.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0.0 04",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk and jre for openvms integrity servers",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6.0-4"
},
{
"_id": null,
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "nonstop server j06.10.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.06.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.012"
},
{
"_id": null,
"model": "nonstop server h06.24.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.4"
},
{
"_id": null,
"model": "rational build forge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.23"
},
{
"_id": null,
"model": "jdk 1.5.0.0 06",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "1.4.223"
},
{
"_id": null,
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "1.4.219"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3"
},
{
"_id": null,
"model": "nonstop server h06.25",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "icedtea",
"scope": "eq",
"trust": 0.3,
"vendor": "icedtea",
"version": "2.2.2"
},
{
"_id": null,
"model": "antivirus update",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "1.6.012"
},
{
"_id": null,
"model": "websphere ilog jrules",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.04"
},
{
"_id": null,
"model": "nonstop server h06.15.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "freeflow print server 73.b3.61",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"_id": null,
"model": "tivoli monitoring",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2"
},
{
"_id": null,
"model": "websphere message broker",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"_id": null,
"model": "rational service tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3"
},
{
"_id": null,
"model": "antivirus update16",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "1.5.0"
},
{
"_id": null,
"model": "antivirus update",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "1.6.04"
},
{
"_id": null,
"model": "antivirus update18",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "1.5.0"
},
{
"_id": null,
"model": "websphere message broker",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.4"
},
{
"_id": null,
"model": "rational system architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.4.2.1"
},
{
"_id": null,
"model": "cosminexus",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7"
},
{
"_id": null,
"model": "openjdk",
"scope": "eq",
"trust": 0.3,
"vendor": "openjdk",
"version": "6"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "12.2"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"_id": null,
"model": "jre 1.5.0 09",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11"
},
{
"_id": null,
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "jre beta",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "nonstop server j06.07.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.010"
},
{
"_id": null,
"model": "linux enterprise server for vmware sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.013"
},
{
"_id": null,
"model": "rational synergy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.6"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "nonstop server j06.08.04",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.08.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "rational build forge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.33"
},
{
"_id": null,
"model": "esx",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.0"
},
{
"_id": null,
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"_id": null,
"model": "jdk 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.015"
},
{
"_id": null,
"model": "antivirus update",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "1.6.010"
},
{
"_id": null,
"model": "nonstop server h06.15.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.24",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "antivirus update",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "1.6.013"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "12.1"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.018"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.019"
},
{
"_id": null,
"model": "antivirus update20",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "1.5.0"
},
{
"_id": null,
"model": "nonstop server h06.16.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.18.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.20.03",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "icedtea",
"scope": "eq",
"trust": 0.3,
"vendor": "icedtea",
"version": "1.10.9"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"_id": null,
"model": "enterprise linux hpc node optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.8.3"
},
{
"_id": null,
"model": "antivirus update",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "1.6.015"
},
{
"_id": null,
"model": "tivoli monitoring",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.2"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"_id": null,
"model": "cosminexus",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.0"
},
{
"_id": null,
"model": "nonstop server j06.13.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "jdk update13",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "nonstop server h06.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "rational system architect",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "11.4.2.2"
},
{
"_id": null,
"model": "antivirus update",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "1.6.014"
},
{
"_id": null,
"model": "antivirus update",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "1.6.019"
},
{
"_id": null,
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.9.3"
},
{
"_id": null,
"model": "jdk 1.5.0 11-b03",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.19.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "hirdb",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "8.0"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "esx",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.1"
},
{
"_id": null,
"model": "antivirus update21",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "1.5.0"
},
{
"_id": null,
"model": "jdk update16",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "websphere message broker",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0"
},
{
"_id": null,
"model": "jdk update19",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "openpages grc platform",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.1"
},
{
"_id": null,
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "nonstop server h06.22.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8"
},
{
"_id": null,
"model": "rational build forge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.32"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"_id": null,
"model": "enterprise linux workstation optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1.4"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"_id": null,
"model": "tivoli monitoring",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.3"
},
{
"_id": null,
"model": "nonstop server h06.19.03",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "jdk update23",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "websphere message broker",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.5"
},
{
"_id": null,
"model": "vcenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.0"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3.0.1"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.03"
},
{
"_id": null,
"model": "websphere message broker",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.05"
},
{
"_id": null,
"model": "cosminexus",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0"
},
{
"_id": null,
"model": "jre 28",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "antivirus update",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "1.6.020"
},
{
"_id": null,
"model": "rational service tester",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3.0.1"
},
{
"_id": null,
"model": "linux enterprise sdk sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "openpages grc platform",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2"
},
{
"_id": null,
"model": "websphere message broker",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "nonstop server j06.11.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.15",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "antivirus update",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "1.6.03"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2011"
},
{
"_id": null,
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "2008"
},
{
"_id": null,
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "1.4.226"
},
{
"_id": null,
"model": "nonstop server h06.21.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "virtualcenter",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5"
},
{
"_id": null,
"model": "antivirus update25",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "1.5.0"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"_id": null,
"model": "nonstop server h06.20.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "cosminexus",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "9.0"
},
{
"_id": null,
"model": "vcenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.1"
},
{
"_id": null,
"model": "websphere operational decision management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"_id": null,
"model": "jre 10-b03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"_id": null,
"model": "rational build forge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.14"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "vcenter update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0"
},
{
"_id": null,
"model": "jre 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "nonstop server j06.05.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.07.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.21.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.19.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "rational build forge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.31"
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.13"
},
{
"_id": null,
"model": "jdk 0 09",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 1.5.0 08",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "rational host on-demand",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0.7"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.10"
},
{
"_id": null,
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "1.4.227"
},
{
"_id": null,
"model": "cosminexus",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5.0"
},
{
"_id": null,
"model": "rational synergy",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.7"
},
{
"_id": null,
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "1.4.224"
},
{
"_id": null,
"model": "nonstop server j06.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.26.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "5"
},
{
"_id": null,
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "1.4.221"
},
{
"_id": null,
"model": "linux enterprise java sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "enterprise linux server optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "nonstop server j06.04.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "rational build forge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.22"
},
{
"_id": null,
"model": "nonstop server j06.04.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.06.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.016"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"_id": null,
"model": "nonstop server h06.21.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "antivirus update",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "1.6.021"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.07"
},
{
"_id": null,
"model": "nonstop server j06.06.03",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.17.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 07-b03",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "vcenter update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.1"
},
{
"_id": null,
"model": "jdk update25",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "jdk update21",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "antivirus update",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "1.6.016"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.3"
},
{
"_id": null,
"model": "antivirus update",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "1.6.018"
},
{
"_id": null,
"model": "aura system platform sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"_id": null,
"model": "websphere mq server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1"
},
{
"_id": null,
"model": "jdk 1.6.0 01-b06",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "rational build forge",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "antivirus update",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "1.6.07"
},
{
"_id": null,
"model": "nonstop server h06.20.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "aura system platform sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"_id": null,
"model": "nonstop server j06.10.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "enterprise linux desktop optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "nonstop server h06.17.03",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.017"
},
{
"_id": null,
"model": "enterprise linux hpc node supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "nonstop server h06.16.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "jdk update17",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "jdk 1.5.0.0 03",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "antivirus update15",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "1.5.0"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "linux enterprise software development kit sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "nonstop server j06.05.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7"
},
{
"_id": null,
"model": "linux enterprise java sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "processing kit for xml",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"_id": null,
"model": "sdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "antivirus update",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "1.6.017"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"_id": null,
"model": "jdk update22",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "1.4.222"
},
{
"_id": null,
"model": "rational host on-demand",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0"
},
{
"_id": null,
"model": "nonstop server h06.20.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "jdk update15",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "jdk 0 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk update18",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "icedtea",
"scope": "eq",
"trust": 0.3,
"vendor": "icedtea",
"version": "2.1.2"
},
{
"_id": null,
"model": "jdk update20",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "ucosminexus portal framework",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"_id": null,
"model": "nonstop server j06.09.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "update manager update",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.11"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3"
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.12"
},
{
"_id": null,
"model": "linux enterprise desktop sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "nonstop server h06.17.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "hirdb",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0"
},
{
"_id": null,
"model": "nonstop server j06.08.03",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.10.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "icedtea",
"scope": "ne",
"trust": 0.3,
"vendor": "icedtea",
"version": "2.2.3"
},
{
"_id": null,
"model": "nonstop server h06.25.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.18.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "rational build forge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"_id": null,
"model": "nonstop server h06.27",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "antivirus update",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "1.6.05"
},
{
"_id": null,
"model": "nonstop server h06.17.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.14.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "56075"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-278"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004959"
},
{
"db": "NVD",
"id": "CVE-2012-3216"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:sun:jdk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:sun:jre",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:sun:sdk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_application_server_enterprise",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_application_server_standard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_application_server_version_5",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_client",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developer_light_version_6",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developer_professional_version_6",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developer_standard_version_6",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developer_version_5",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developers_kit_for_java",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_primary_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_server_-_standard_edition",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_server_-_web_edition_version_4",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_studio",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:hirdb_for_java_xml",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:hitachi_developers_kit_for_java",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:processing_kit_for_xml",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server_enterprise",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server_smart_edition",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server_standard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_client",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_developer",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_developer_light",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_developer_standard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_operator",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_portal_framework",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_primary_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_service_architect",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_service_platform",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-004959"
}
]
},
"credits": {
"_id": null,
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "117454"
},
{
"db": "PACKETSTORM",
"id": "118306"
},
{
"db": "PACKETSTORM",
"id": "123735"
},
{
"db": "PACKETSTORM",
"id": "117477"
},
{
"db": "PACKETSTORM",
"id": "117453"
},
{
"db": "PACKETSTORM",
"id": "118142"
},
{
"db": "PACKETSTORM",
"id": "117452"
}
],
"trust": 0.7
},
"cve": "CVE-2012-3216",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"id": "CVE-2012-3216",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.9,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2012-3216",
"trust": 1.0,
"value": "LOW"
},
{
"author": "NVD",
"id": "CVE-2012-3216",
"trust": 0.8,
"value": "Low"
},
{
"author": "CNNVD",
"id": "CNNVD-201210-278",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULMON",
"id": "CVE-2012-3216",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-3216"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-278"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004959"
},
{
"db": "NVD",
"id": "CVE-2012-3216"
}
]
},
"description": {
"_id": null,
"data": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries. \nThe vulnerability can be exploited over multiple protocols. This issue affects the \u0027Libraries\u0027 sub-component. \nThis vulnerability affects the following supported versions:\n7 Update 7, 6 Update 35, 5.0 Update 36, 1.4.2_38. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2012-10-16-1 Java for OS X 2012-006 and\nJava for Mac OS X 10.6 Update 11\n\nJava for OS X 2012-006 and Java for Mac OS X 10.6 Update 11 are now\navailable and address the following:\n\nJava\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 or later, OS X Lion Server v10.7 or later,\nOS X Mountain Lion 10.8 or later\nImpact: Multiple vulnerabilities in Java 1.6.0_35\nDescription: Multiple vulnerabilities exist in Java 1.6.0_35, the\nmost serious of which may allow an untrusted Java applet to execute\narbitrary code outside the Java sandbox. Visiting a web page\ncontaining a maliciously crafted untrusted Java applet may lead to\narbitrary code execution with the privileges of the current user. \nThese issues are addressed by updating to Java version 1.6.0_37. \nFurther information is available via the Java website at http://www.o\nracle.com/technetwork/java/javase/releasenotes-136954.html\nCVE-ID\nCVE-2012-1531\nCVE-2012-1532\nCVE-2012-1533\nCVE-2012-3143\nCVE-2012-3159\nCVE-2012-3216\nCVE-2012-4416\nCVE-2012-5068\nCVE-2012-5069\nCVE-2012-5071\nCVE-2012-5072\nCVE-2012-5073\nCVE-2012-5075\nCVE-2012-5077\nCVE-2012-5081\nCVE-2012-5083\nCVE-2012-5084\nCVE-2012-5086\nCVE-2012-5089\nCVE-2012-5979\n\n\nJava for OS X 2012-006 and Java for Mac OS X 10.6 Update 11\nmay be obtained from the Software Update pane in System Preferences,\nMac App Store, or Apple\u0027s Software Downloads web site:\nhttp://www.apple.com/support/downloads/\n\nFor Mac OS X v10.6 systems\nThe download file is named: JavaForMacOSX10.6.dmg\nIts SHA-1 digest is: 2ca7594a6f7849b502715e8473cf46ef73570da6\n\nFor OS X Lion and Mountain Lion systems\nThe download file is named: JavaForOSX.dmg\nIts SHA-1 digest is: eff777cdc39b4e3336b3477f60e8ad769ded8532\n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.17 (Darwin)\nComment: GPGTools - http://gpgtools.org\n\niQIcBAEBAgAGBQJQfZ+bAAoJEPefwLHPlZEwF+YP/iVGN+CqCkLf7SavQUwyTQ08\na6+I34hefvCQcLCQ4EBYOzDXUJIlcH2azcGnvQsrrgWgpoE6ykqyj4fkpwLM0nF1\nCfcSGOV8hmC2ZtR2PgJLcaP4FDKyNoOqLtKY6KtZnUQNcKBYcdM/y3OON9Zc0F2/\nm/nQGnm3RfuXYXzSmTwJVKjuR1MkhUfZ9N6cwYUfjQC6cQaRs4tjeezd1jaobeXZ\nlfk5Mo/kp3KTwAKsjdwqIThGX/UXdHQm9PnGfU9ktNv0429vKTX4VarPjyLsIeiO\nGcBjfzRKzWYrbzTyKqKRAmtC/TcTnGJ8AfOjCP6HedeelJEbHB3iBb4ugqHzcPGG\nffZ9rZy8SMVppJyv3NeJJN86Kl3etdShmhj7maxyQUopDanpZQraaarkNlSYyLql\nI0z4/IGX6W4Y2HYI+5wRchSewZi9mU9tw1HFZaoINaPBynEC0jihbeT5P9olX7mL\n1OrWyPMPeaXtD9VRaSlV1WwPojJp26XrcWFUu6gqCOWRTzL0h83hNJrQJwTW7PrT\ng6ryifMGItMkmOuINyniuUbz1PcOiQZ5VhtQn8XbvjX4BpGS6GJ4IAJ0rv9nSeON\nPGv6JcpEAdjEdsChnDTGGTyUzQSN+HU/KTd7Jngg/Bu1v96ZAqrmVzFVkZi+6dtN\n8KhhmiZ54RdiudmsUgFu\n=TWGY\n-----END PGP SIGNATURE-----\n. \n\nBackground\n==========\n\nIcedTea is a distribution of the Java OpenJDK source code built with\nfree build tools. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nNote: the current version of the following document is available here:\nhttps://h20566.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c03596813\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c03596813\nVersion: 1\n\nHPSBOV02833 SSRT101043 rev.1 - OpenVMS running Java on Integrity Servers,\nRemote Unauthorized Access, Disclosure of Information, and Other\nVulnerabilities\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2013-01-07\nLast Updated: 2013-01-07\n\nPotential Security Impact: Remote unauthorized access, disclosure of\ninformation, and other vulnerabilities\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified in Java Runtime\nEnvironment (JRE) and Java Developer Kit (JDK) running on OpenVMS Integrity\nServers. These vulnerabilities could allow remote unauthorized access,\ndisclosure of information, and other exploits. \nOpenVMS Integrity JDK and JRE 6.0-3.p1 and earlier. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2012-1531 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2012-1532 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2012-1533 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2012-3143 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2012-3159 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2012-3216 (AV:N/AC:H/Au:N/C:P/I:N/A:N) 2.6\nCVE-2012-4416 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4\nCVE-2012-5068 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2012-5069 (AV:N/AC:M/Au:N/C:P/I:P/A:N) 5.8\nCVE-2012-5071 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4\nCVE-2012-5072 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2012-5073 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2012-5075 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2012-5077 (AV:N/AC:H/Au:N/C:P/I:N/A:N) 2.6\nCVE-2012-5079 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2012-5081 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2012-5083 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2012-5084 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\nCVE-2012-5085 (AV:N/AC:M/Au:S/C:N/I:N/A:N) 0.0\nCVE-2012-5086 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2012-5087 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2012-5089 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has made the following software updates available to resolve these\nvulnerabilities. \n\nThe updates are available from the following location:\n\nhttp://h18012.www1.hp.com/java/alpha\n\nKit Name\n\nJava SE Development Kit (JDK) 6.0-4 for the OpenVMS I64 Operating System\n\nJava SE Runtime Environment (JRE) 6.0-4 for the OpenVMS I64 Operating System\n\nHISTORY\nVersion:1 (rev.1) - 7 January 2013 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin List: A list of HP Security Bulletins, updated\nperiodically, is contained in HP Security Notice HPSN-2011-001:\nhttps://h20566.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c02964430\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttp://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2013 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits;damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. Customers are advised to migrate to later\nversions of Java at this time. In\ncases where it is not feasible to move to a later version of supported\nJava, customers are advised to contact IBM to evaluate other options. In a typical operating environment, these are of low security risk as\nthe runtime is not used on untrusted applets. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201401-30\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Oracle JRE/JDK: Multiple vulnerabilities\n Date: January 27, 2014\n Bugs: #404071, #421073, #433094, #438706, #451206, #455174,\n #458444, #460360, #466212, #473830, #473980, #488210, #498148\n ID: 201401-30\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in the Oracle JRE/JDK,\nallowing attackers to cause unspecified impact. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-java/sun-jdk \u003c= 1.6.0.45 Vulnerable!\n 2 dev-java/oracle-jdk-bin \u003c 1.7.0.51 \u003e= 1.7.0.51 *\n 3 dev-java/sun-jre-bin \u003c= 1.6.0.45 Vulnerable!\n 4 dev-java/oracle-jre-bin \u003c 1.7.0.51 \u003e= 1.7.0.51 *\n 5 app-emulation/emul-linux-x86-java\n \u003c 1.7.0.51 \u003e= 1.7.0.51 *\n -------------------------------------------------------------------\n NOTE: Certain packages are still vulnerable. Users should migrate\n to another package if one is available or wait for the\n existing packages to be marked stable by their\n architecture maintainers. \n -------------------------------------------------------------------\n NOTE: Packages marked with asterisks require manual intervention!\n -------------------------------------------------------------------\n 5 affected packages\n\nDescription\n===========\n\nMultiple vulnerabilities have been reported in the Oracle Java\nimplementation. Please review the CVE identifiers referenced below for\ndetails. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Oracle JDK 1.7 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=dev-java/oracle-jdk-bin-1.7.0.51\"\n\nAll Oracle JRE 1.7 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=dev-java/oracle-jre-bin-1.7.0.51\"\n\nAll users of the precompiled 32-bit Oracle JRE should upgrade to the\nlatest version:\n\n # emerge --sync\n # emerge -a -1 -v \"\u003e=app-emulation/emul-linux-x86-java-1.7.0.51\"\n\nAll Sun Microsystems JDK/JRE 1.6 users are suggested to upgrade to one\nof the newer Oracle packages like dev-java/oracle-jdk-bin or\ndev-java/oracle-jre-bin or choose another alternative we provide; eg. \nthe IBM JDK/JRE or the open source IcedTea. \n\nReferences\n==========\n\n[ 1 ] CVE-2011-3563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563\n[ 2 ] CVE-2011-5035\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035\n[ 3 ] CVE-2012-0497\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497\n[ 4 ] CVE-2012-0498\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0498\n[ 5 ] CVE-2012-0499\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0499\n[ 6 ] CVE-2012-0500\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0500\n[ 7 ] CVE-2012-0501\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501\n[ 8 ] CVE-2012-0502\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502\n[ 9 ] CVE-2012-0503\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503\n[ 10 ] CVE-2012-0504\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0504\n[ 11 ] CVE-2012-0505\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505\n[ 12 ] CVE-2012-0506\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506\n[ 13 ] CVE-2012-0507\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0507\n[ 14 ] CVE-2012-0547\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547\n[ 15 ] CVE-2012-1531\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1531\n[ 16 ] CVE-2012-1532\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1532\n[ 17 ] CVE-2012-1533\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1533\n[ 18 ] CVE-2012-1541\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1541\n[ 19 ] CVE-2012-1682\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1682\n[ 20 ] CVE-2012-1711\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711\n[ 21 ] CVE-2012-1713\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713\n[ 22 ] CVE-2012-1716\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716\n[ 23 ] CVE-2012-1717\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717\n[ 24 ] CVE-2012-1718\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718\n[ 25 ] CVE-2012-1719\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719\n[ 26 ] CVE-2012-1721\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1721\n[ 27 ] CVE-2012-1722\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1722\n[ 28 ] CVE-2012-1723\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723\n[ 29 ] CVE-2012-1724\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724\n[ 30 ] CVE-2012-1725\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725\n[ 31 ] CVE-2012-1726\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726\n[ 32 ] CVE-2012-3136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3136\n[ 33 ] CVE-2012-3143\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3143\n[ 34 ] CVE-2012-3159\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3159\n[ 35 ] CVE-2012-3174\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3174\n[ 36 ] CVE-2012-3213\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3213\n[ 37 ] CVE-2012-3216\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216\n[ 38 ] CVE-2012-3342\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3342\n[ 39 ] CVE-2012-4416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416\n[ 40 ] CVE-2012-4681\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4681\n[ 41 ] CVE-2012-5067\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5067\n[ 42 ] CVE-2012-5068\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068\n[ 43 ] CVE-2012-5069\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069\n[ 44 ] CVE-2012-5070\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070\n[ 45 ] CVE-2012-5071\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071\n[ 46 ] CVE-2012-5072\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072\n[ 47 ] CVE-2012-5073\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073\n[ 48 ] CVE-2012-5074\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074\n[ 49 ] CVE-2012-5075\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075\n[ 50 ] CVE-2012-5076\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076\n[ 51 ] CVE-2012-5077\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077\n[ 52 ] CVE-2012-5079\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5079\n[ 53 ] CVE-2012-5081\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081\n[ 54 ] CVE-2012-5083\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5083\n[ 55 ] CVE-2012-5084\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084\n[ 56 ] CVE-2012-5085\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085\n[ 57 ] CVE-2012-5086\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086\n[ 58 ] CVE-2012-5087\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087\n[ 59 ] CVE-2012-5088\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5088\n[ 60 ] CVE-2012-5089\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089\n[ 61 ] CVE-2013-0169\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169\n[ 62 ] CVE-2013-0351\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0351\n[ 63 ] CVE-2013-0401\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401\n[ 64 ] CVE-2013-0402\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0402\n[ 65 ] CVE-2013-0409\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0409\n[ 66 ] CVE-2013-0419\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0419\n[ 67 ] CVE-2013-0422\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0422\n[ 68 ] CVE-2013-0423\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0423\n[ 69 ] CVE-2013-0430\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0430\n[ 70 ] CVE-2013-0437\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0437\n[ 71 ] CVE-2013-0438\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0438\n[ 72 ] CVE-2013-0445\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0445\n[ 73 ] CVE-2013-0446\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0446\n[ 74 ] CVE-2013-0448\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0448\n[ 75 ] CVE-2013-0449\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0449\n[ 76 ] CVE-2013-0809\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809\n[ 77 ] CVE-2013-1473\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1473\n[ 78 ] CVE-2013-1479\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1479\n[ 79 ] CVE-2013-1481\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1481\n[ 80 ] CVE-2013-1484\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484\n[ 81 ] CVE-2013-1485\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485\n[ 82 ] CVE-2013-1486\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486\n[ 83 ] CVE-2013-1487\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1487\n[ 84 ] CVE-2013-1488\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488\n[ 85 ] CVE-2013-1491\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1491\n[ 86 ] CVE-2013-1493\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493\n[ 87 ] CVE-2013-1500\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500\n[ 88 ] CVE-2013-1518\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518\n[ 89 ] CVE-2013-1537\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537\n[ 90 ] CVE-2013-1540\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1540\n[ 91 ] CVE-2013-1557\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557\n[ 92 ] CVE-2013-1558\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1558\n[ 93 ] CVE-2013-1561\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1561\n[ 94 ] CVE-2013-1563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1563\n[ 95 ] CVE-2013-1564\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1564\n[ 96 ] CVE-2013-1569\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569\n[ 97 ] CVE-2013-1571\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571\n[ 98 ] CVE-2013-2383\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383\n[ 99 ] CVE-2013-2384\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384\n[ 100 ] CVE-2013-2394\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2394\n[ 101 ] CVE-2013-2400\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2400\n[ 102 ] CVE-2013-2407\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407\n[ 103 ] CVE-2013-2412\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412\n[ 104 ] CVE-2013-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2414\n[ 105 ] CVE-2013-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415\n[ 106 ] CVE-2013-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2416\n[ 107 ] CVE-2013-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417\n[ 108 ] CVE-2013-2418\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2418\n[ 109 ] CVE-2013-2419\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419\n[ 110 ] CVE-2013-2420\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420\n[ 111 ] CVE-2013-2421\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421\n[ 112 ] CVE-2013-2422\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422\n[ 113 ] CVE-2013-2423\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423\n[ 114 ] CVE-2013-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424\n[ 115 ] CVE-2013-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2425\n[ 116 ] CVE-2013-2426\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426\n[ 117 ] CVE-2013-2427\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2427\n[ 118 ] CVE-2013-2428\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2428\n[ 119 ] CVE-2013-2429\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429\n[ 120 ] CVE-2013-2430\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430\n[ 121 ] CVE-2013-2431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431\n[ 122 ] CVE-2013-2432\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2432\n[ 123 ] CVE-2013-2433\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2433\n[ 124 ] CVE-2013-2434\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2434\n[ 125 ] CVE-2013-2435\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2435\n[ 126 ] CVE-2013-2436\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436\n[ 127 ] CVE-2013-2437\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2437\n[ 128 ] CVE-2013-2438\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2438\n[ 129 ] CVE-2013-2439\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2439\n[ 130 ] CVE-2013-2440\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2440\n[ 131 ] CVE-2013-2442\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2442\n[ 132 ] CVE-2013-2443\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443\n[ 133 ] CVE-2013-2444\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444\n[ 134 ] CVE-2013-2445\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445\n[ 135 ] CVE-2013-2446\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446\n[ 136 ] CVE-2013-2447\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447\n[ 137 ] CVE-2013-2448\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448\n[ 138 ] CVE-2013-2449\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449\n[ 139 ] CVE-2013-2450\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450\n[ 140 ] CVE-2013-2451\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451\n[ 141 ] CVE-2013-2452\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452\n[ 142 ] CVE-2013-2453\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453\n[ 143 ] CVE-2013-2454\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454\n[ 144 ] CVE-2013-2455\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455\n[ 145 ] CVE-2013-2456\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456\n[ 146 ] CVE-2013-2457\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457\n[ 147 ] CVE-2013-2458\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458\n[ 148 ] CVE-2013-2459\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459\n[ 149 ] CVE-2013-2460\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460\n[ 150 ] CVE-2013-2461\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461\n[ 151 ] CVE-2013-2462\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2462\n[ 152 ] CVE-2013-2463\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463\n[ 153 ] CVE-2013-2464\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2464\n[ 154 ] CVE-2013-2465\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465\n[ 155 ] CVE-2013-2466\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2466\n[ 156 ] CVE-2013-2467\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2467\n[ 157 ] CVE-2013-2468\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2468\n[ 158 ] CVE-2013-2469\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469\n[ 159 ] CVE-2013-2470\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470\n[ 160 ] CVE-2013-2471\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471\n[ 161 ] CVE-2013-2472\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472\n[ 162 ] CVE-2013-2473\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473\n[ 163 ] CVE-2013-3743\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3743\n[ 164 ] CVE-2013-3744\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3744\n[ 165 ] CVE-2013-3829\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829\n[ 166 ] CVE-2013-5772\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772\n[ 167 ] CVE-2013-5774\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774\n[ 168 ] CVE-2013-5775\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5775\n[ 169 ] CVE-2013-5776\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5776\n[ 170 ] CVE-2013-5777\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5777\n[ 171 ] CVE-2013-5778\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778\n[ 172 ] CVE-2013-5780\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780\n[ 173 ] CVE-2013-5782\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782\n[ 174 ] CVE-2013-5783\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783\n[ 175 ] CVE-2013-5784\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784\n[ 176 ] CVE-2013-5787\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5787\n[ 177 ] CVE-2013-5788\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5788\n[ 178 ] CVE-2013-5789\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5789\n[ 179 ] CVE-2013-5790\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790\n[ 180 ] CVE-2013-5797\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797\n[ 181 ] CVE-2013-5800\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800\n[ 182 ] CVE-2013-5801\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5801\n[ 183 ] CVE-2013-5802\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802\n[ 184 ] CVE-2013-5803\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803\n[ 185 ] CVE-2013-5804\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804\n[ 186 ] CVE-2013-5805\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805\n[ 187 ] CVE-2013-5806\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806\n[ 188 ] CVE-2013-5809\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809\n[ 189 ] CVE-2013-5810\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5810\n[ 190 ] CVE-2013-5812\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5812\n[ 191 ] CVE-2013-5814\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814\n[ 192 ] CVE-2013-5817\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817\n[ 193 ] CVE-2013-5818\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5818\n[ 194 ] CVE-2013-5819\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5819\n[ 195 ] CVE-2013-5820\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820\n[ 196 ] CVE-2013-5823\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823\n[ 197 ] CVE-2013-5824\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5824\n[ 198 ] CVE-2013-5825\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825\n[ 199 ] CVE-2013-5829\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829\n[ 200 ] CVE-2013-5830\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830\n[ 201 ] CVE-2013-5831\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5831\n[ 202 ] CVE-2013-5832\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5832\n[ 203 ] CVE-2013-5838\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5838\n[ 204 ] CVE-2013-5840\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840\n[ 205 ] CVE-2013-5842\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842\n[ 206 ] CVE-2013-5843\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5843\n[ 207 ] CVE-2013-5844\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5844\n[ 208 ] CVE-2013-5846\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5846\n[ 209 ] CVE-2013-5848\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5848\n[ 210 ] CVE-2013-5849\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849\n[ 211 ] CVE-2013-5850\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850\n[ 212 ] CVE-2013-5851\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851\n[ 213 ] CVE-2013-5852\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5852\n[ 214 ] CVE-2013-5854\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5854\n[ 215 ] CVE-2013-5870\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5870\n[ 216 ] CVE-2013-5878\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5878\n[ 217 ] CVE-2013-5887\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5887\n[ 218 ] CVE-2013-5888\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5888\n[ 219 ] CVE-2013-5889\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5889\n[ 220 ] CVE-2013-5893\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5893\n[ 221 ] CVE-2013-5895\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5895\n[ 222 ] CVE-2013-5896\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5896\n[ 223 ] CVE-2013-5898\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5898\n[ 224 ] CVE-2013-5899\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5899\n[ 225 ] CVE-2013-5902\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5902\n[ 226 ] CVE-2013-5904\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5904\n[ 227 ] CVE-2013-5905\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5905\n[ 228 ] CVE-2013-5906\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5906\n[ 229 ] CVE-2013-5907\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5907\n[ 230 ] CVE-2013-5910\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5910\n[ 231 ] CVE-2014-0368\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0368\n[ 232 ] CVE-2014-0373\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0373\n[ 233 ] CVE-2014-0375\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0375\n[ 234 ] CVE-2014-0376\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0376\n[ 235 ] CVE-2014-0382\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0382\n[ 236 ] CVE-2014-0385\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0385\n[ 237 ] CVE-2014-0387\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0387\n[ 238 ] CVE-2014-0403\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0403\n[ 239 ] CVE-2014-0408\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0408\n[ 240 ] CVE-2014-0410\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0410\n[ 241 ] CVE-2014-0411\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0411\n[ 242 ] CVE-2014-0415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0415\n[ 243 ] CVE-2014-0416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0416\n[ 244 ] CVE-2014-0417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0417\n[ 245 ] CVE-2014-0418\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0418\n[ 246 ] CVE-2014-0422\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0422\n[ 247 ] CVE-2014-0423\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0423\n[ 248 ] CVE-2014-0424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0424\n[ 249 ] CVE-2014-0428\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0428\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201401-30.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2014 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. (CVE-2012-5085)\n\nNote: If the web browser plug-in provided by the icedtea-web package was\ninstalled, the issues exposed via Java applets could have been exploited\nwithout user interaction if a user visited a malicious website. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: java-1.7.0-openjdk security update\nAdvisory ID: RHSA-2012:1386-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2012-1386.html\nIssue date: 2012-10-17\nCVE Names: CVE-2012-3216 CVE-2012-4416 CVE-2012-5068 \n CVE-2012-5069 CVE-2012-5070 CVE-2012-5071 \n CVE-2012-5072 CVE-2012-5073 CVE-2012-5074 \n CVE-2012-5075 CVE-2012-5076 CVE-2012-5077 \n CVE-2012-5079 CVE-2012-5081 CVE-2012-5084 \n CVE-2012-5085 CVE-2012-5086 CVE-2012-5087 \n CVE-2012-5088 CVE-2012-5089 \n=====================================================================\n\n1. Summary:\n\nUpdated java-1.7.0-openjdk packages that fix several security issues are\nnow available for Red Hat Enterprise Linux 6. \n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - noarch, x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, noarch, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, noarch, x86_64\n\n3. Description:\n\nThese packages provide the OpenJDK 7 Java Runtime Environment and the\nOpenJDK 7 Software Development Kit. \n\nMultiple improper permission check issues were discovered in the Beans,\nLibraries, Swing, and JMX components in OpenJDK. An untrusted Java\napplication or applet could use these flaws to bypass Java sandbox\nrestrictions. (CVE-2012-5086, CVE-2012-5087, CVE-2012-5088, CVE-2012-5084,\nCVE-2012-5089)\n\nThe default Java security properties configuration did not restrict access\nto certain com.sun.org.glassfish packages. An untrusted Java application\nor applet could use these flaws to bypass Java sandbox restrictions. This\nupdate lists those packages as restricted. (CVE-2012-5076, CVE-2012-5074)\n\nMultiple improper permission check issues were discovered in the Scripting,\nJMX, Concurrency, Libraries, and Security components in OpenJDK. An\nuntrusted Java application or applet could use these flaws to bypass\ncertain Java sandbox restrictions. (CVE-2012-5068, CVE-2012-5071,\nCVE-2012-5069, CVE-2012-5073, CVE-2012-5072)\n\nIt was discovered that java.util.ServiceLoader could create an instance of\nan incompatible class while performing provider lookup. An untrusted Java\napplication or applet could use this flaw to bypass certain Java sandbox\nrestrictions. (CVE-2012-5079)\n\nIt was discovered that the Java Secure Socket Extension (JSSE) SSL/TLS\nimplementation did not properly handle handshake records containing an\noverly large data length value. An unauthenticated, remote attacker could\npossibly use this flaw to cause an SSL/TLS server to terminate with an\nexception. (CVE-2012-5081)\n\nIt was discovered that the JMX component in OpenJDK could perform certain\nactions in an insecure manner. An untrusted Java application or applet\ncould possibly use these flaws to disclose sensitive information. \n(CVE-2012-5070, CVE-2012-5075)\n\nA bug in the Java HotSpot Virtual Machine optimization code could cause it\nto not perform array initialization in certain cases. An untrusted Java\napplication or applet could use this flaw to disclose portions of the\nvirtual machine\u0027s memory. (CVE-2012-4416)\n\nIt was discovered that the SecureRandom class did not properly protect\nagainst the creation of multiple seeders. An untrusted Java application or\napplet could possibly use this flaw to disclose sensitive information. \n(CVE-2012-5077)\n\nIt was discovered that the java.io.FilePermission class exposed the hash\ncode of the canonicalized path name. An untrusted Java application or\napplet could possibly use this flaw to determine certain system paths, such\nas the current working directory. (CVE-2012-3216)\n\nThis update disables Gopher protocol support in the java.net package by\ndefault. Gopher support can be enabled by setting the newly introduced\nproperty, \"jdk.net.registerGopherProtocol\", to true. (CVE-2012-5085)\n\nThis erratum also upgrades the OpenJDK package to IcedTea7 2.3.3. Refer to\nthe NEWS file, linked to in the References, for further information. \n\nAll users of java-1.7.0-openjdk are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK Java\nmust be restarted for the update to take effect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n856124 - CVE-2012-4416 OpenJDK: uninitialized Array JVM memory disclosure (Hotspot, 7198606)\n865346 - CVE-2012-3216 OpenJDK: java.io.FilePermission information leak (Libraries, 6631398)\n865348 - CVE-2012-5068 OpenJDK: RhinoScriptEngine security bypass (Scripting, 7143535)\n865350 - CVE-2012-5070 OpenJDK: EnvHelp information disclosure (JMX, 7158796)\n865352 - CVE-2012-5076 OpenJDK: com.sun.org.glassfish.* not restricted packages (JAX-WS, 7163198)\n865354 - CVE-2012-5077 OpenJDK: SecureRandom mulitple seeders information disclosure (Security, 7167656)\n865357 - CVE-2012-5073 OpenJDK: LogManager security bypass (Libraries, 7169884)\n865359 - CVE-2012-5074 OpenJDK: com.sun.org.glassfish.* not restricted packages (JAX-WS, 7169887)\n865363 - CVE-2012-5075 OpenJDK: RMIConnectionImpl information disclosure (JMX, 7169888)\n865365 - CVE-2012-5072 OpenJDK: AccessController.doPrivilegedWithCombiner() information disclosure (Security, 7172522)\n865370 - CVE-2012-5081 OpenJDK: JSSE denial of service (JSSE, 7186286)\n865428 - CVE-2012-5086 OpenJDK: XMLDecoder sandbox restriction bypass (Beans, 7195917)\n865434 - CVE-2012-5087 OpenJDK: PropertyElementHandler insufficient access checks (Beans, 7195549)\n865471 - CVE-2012-5088 OpenJDK: MethodHandle insufficient access control checks (Libraries, 7196190)\n865511 - CVE-2012-5084 OpenJDK: DefaultFormatter insufficient data validation (Swing, 7195194)\n865514 - CVE-2012-5089 OpenJDK: RMIConnectionImpl insufficient access control checks (JMX, 7198296)\n865519 - CVE-2012-5071 OpenJDK: DescriptorSupport insufficient package access checks (JMX, 7192975)\n865531 - CVE-2012-5069 OpenJDK: Executors state handling issues (Concurrency, 7189103)\n865541 - CVE-2012-5085 OpenJDK: disable Gopher support by default (Gopher, 7189567)\n865568 - CVE-2012-5079 OpenJDK: ServiceLoader reject not subtype classes without instantiating (Libraries, 7195919)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm\n\ni386:\njava-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.i686.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm\n\nx86_64:\njava-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm\n\ni386:\njava-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm\njava-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.i686.rpm\njava-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.i686.rpm\njava-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.i686.rpm\n\nnoarch:\njava-1.7.0-openjdk-javadoc-1.7.0.9-2.3.3.el6_3.1.noarch.rpm\n\nx86_64:\njava-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\njava-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\njava-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\njava-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm\n\nnoarch:\njava-1.7.0-openjdk-javadoc-1.7.0.9-2.3.3.el6_3.1.noarch.rpm\n\nx86_64:\njava-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\njava-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\njava-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\njava-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm\n\ni386:\njava-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.i686.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm\n\nx86_64:\njava-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm\n\ni386:\njava-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm\njava-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.i686.rpm\njava-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.i686.rpm\njava-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.i686.rpm\n\nnoarch:\njava-1.7.0-openjdk-javadoc-1.7.0.9-2.3.3.el6_3.1.noarch.rpm\n\nx86_64:\njava-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\njava-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\njava-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\njava-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm\n\ni386:\njava-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.i686.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm\n\nx86_64:\njava-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm\n\ni386:\njava-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm\njava-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.i686.rpm\njava-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.i686.rpm\njava-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.i686.rpm\n\nnoarch:\njava-1.7.0-openjdk-javadoc-1.7.0.9-2.3.3.el6_3.1.noarch.rpm\n\nx86_64:\njava-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\njava-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\njava-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\njava-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2012-3216.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-4416.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5068.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5069.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5070.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5071.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5072.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5073.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5074.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5075.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5076.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5077.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5079.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5081.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5084.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5085.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5086.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5087.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5088.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5089.html\nhttps://access.redhat.com/security/updates/classification/#important\nhttp://icedtea.classpath.org/hg/release/icedtea7-2.3/file/icedtea-2.3.3/NEWS\nhttp://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2012 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFQftouXlSAg2UNWIIRAu4QAJ9oluAxlU3ZC8CvezRk4Erm08HD+QCeNlqf\nGG07IH3dgJiG+gj47Cm1WNQ=\n=8X+P\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-3216"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004959"
},
{
"db": "BID",
"id": "56075"
},
{
"db": "VULMON",
"id": "CVE-2012-3216"
},
{
"db": "PACKETSTORM",
"id": "117455"
},
{
"db": "PACKETSTORM",
"id": "117454"
},
{
"db": "PACKETSTORM",
"id": "127267"
},
{
"db": "PACKETSTORM",
"id": "119308"
},
{
"db": "PACKETSTORM",
"id": "118306"
},
{
"db": "PACKETSTORM",
"id": "123735"
},
{
"db": "PACKETSTORM",
"id": "124943"
},
{
"db": "PACKETSTORM",
"id": "117477"
},
{
"db": "PACKETSTORM",
"id": "117453"
},
{
"db": "PACKETSTORM",
"id": "118142"
},
{
"db": "PACKETSTORM",
"id": "117452"
}
],
"trust": 2.97
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2012-3216",
"trust": 3.9
},
{
"db": "HITACHI",
"id": "HS12-023",
"trust": 2.0
},
{
"db": "BID",
"id": "56075",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "51166",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "51438",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "51326",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "51029",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "51141",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "51028",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "51328",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "51313",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "51327",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "51390",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "51393",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "51315",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004959",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201210-278",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-17-213-02",
"trust": 0.3
},
{
"db": "VULMON",
"id": "CVE-2012-3216",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117455",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117454",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127267",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "119308",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "118306",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123735",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "124943",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117477",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117453",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "118142",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117452",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-3216"
},
{
"db": "BID",
"id": "56075"
},
{
"db": "PACKETSTORM",
"id": "117455"
},
{
"db": "PACKETSTORM",
"id": "117454"
},
{
"db": "PACKETSTORM",
"id": "127267"
},
{
"db": "PACKETSTORM",
"id": "119308"
},
{
"db": "PACKETSTORM",
"id": "118306"
},
{
"db": "PACKETSTORM",
"id": "123735"
},
{
"db": "PACKETSTORM",
"id": "124943"
},
{
"db": "PACKETSTORM",
"id": "117477"
},
{
"db": "PACKETSTORM",
"id": "117453"
},
{
"db": "PACKETSTORM",
"id": "118142"
},
{
"db": "PACKETSTORM",
"id": "117452"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-278"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004959"
},
{
"db": "NVD",
"id": "CVE-2012-3216"
}
]
},
"id": "VAR-201210-0053",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.5
},
"last_update_date": "2026-04-10T22:38:58.547000Z",
"patch": {
"_id": null,
"data": [
{
"title": "HT5549",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5549"
},
{
"title": "HT5549",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5549?viewlocale=ja_JP"
},
{
"title": "HS12-023",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-023/index.html"
},
{
"title": "HPSBUX02832 SSRT101042",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c03595351"
},
{
"title": "HPSBOV02833 SSRT101043",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c03596813"
},
{
"title": "1616490",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
},
{
"title": "1621154",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
},
{
"title": "1620037",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21620037"
},
{
"title": "1631786",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786"
},
{
"title": "openSUSE-SU-2012:1423",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00023.html"
},
{
"title": "SUSE-SU-2012:1490",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00011.html"
},
{
"title": "SUSE-SU-2012:1398",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html"
},
{
"title": "SUSE-SU-2012:1489",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00010.html"
},
{
"title": "SUSE-SU-2012:1595",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00022.html"
},
{
"title": "Text Form of Oracle Java SE Critical Patch Update - October 2012 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012verbose-1515981.html"
},
{
"title": "Oracle Java SE Critical Patch Update Advisory - October 2012",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html"
},
{
"title": "RHSA-2013:1455",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"title": "RHSA-2012:1465",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2012-1465.html"
},
{
"title": "RHSA-2013:1456",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2013-1456.html"
},
{
"title": "RHSA-2012:1466",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
},
{
"title": "RHSA-2012:1467",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
},
{
"title": "RHSA-2012:1391",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2012-1391.html"
},
{
"title": "RHSA-2012:1392",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2012-1392.html"
},
{
"title": "RHSA-2012:1385",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2012-1385.html"
},
{
"title": "RHSA-2012:1386",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2012-1386.html"
},
{
"title": "October 2012 Critical Patch Update and Critical Patch Update for Java SE Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/october_2012_critical_patch_update"
},
{
"title": "XRX13-003",
"trust": 0.8,
"url": "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf"
},
{
"title": "HS12-023",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS12-023/index.html"
},
{
"title": "Oracle Corporation Java\u30d7\u30e9\u30b0\u30a4\u30f3\u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/oracle/20121017.html"
},
{
"title": "Oracle Java SE JRE Fixes for Unknown Security Vulnerabilities in Components",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=192734"
},
{
"title": "Red Hat: Critical: java-1.4.2-ibm security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20121485 - Security Advisory"
},
{
"title": "Red Hat: Critical: java-1.5.0-ibm security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20121465 - Security Advisory"
},
{
"title": "Red Hat: Critical: java-1.6.0-openjdk security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20121384 - Security Advisory"
},
{
"title": "Red Hat: Important: java-1.6.0-openjdk security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20121385 - Security Advisory"
},
{
"title": "Red Hat: Important: java-1.7.0-openjdk security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20121386 - Security Advisory"
},
{
"title": "Red Hat: Critical: java-1.6.0-sun security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20121392 - Security Advisory"
},
{
"title": "Red Hat: Critical: java-1.6.0-ibm security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20121466 - Security Advisory"
},
{
"title": "Red Hat: Critical: java-1.7.0-oracle security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20121391 - Security Advisory"
},
{
"title": "Red Hat: Critical: java-1.7.0-ibm security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20121467 - Security Advisory"
},
{
"title": "Amazon Linux AMI: ALAS-2012-136",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2012-136"
},
{
"title": "Amazon Linux AMI: ALAS-2012-137",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2012-137"
},
{
"title": "Ubuntu Security Notice: openjdk-6, openjdk-7 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-1619-1"
},
{
"title": "Red Hat: Low: Red Hat Network Satellite server IBM Java Runtime security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20131456 - Security Advisory"
},
{
"title": "Red Hat: Low: Red Hat Network Satellite server IBM Java Runtime security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20131455 - Security Advisory"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/apple-patches-java-flaws-101812/77126/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-3216"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-278"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004959"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-3216"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.4,
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21620037"
},
{
"trust": 2.0,
"url": "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_xrx13-003_v1.0.pdf"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786"
},
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2012-1391.html"
},
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2012-1385.html"
},
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2012-1386.html"
},
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2012-1467.html"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/56075"
},
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2013-1456.html"
},
{
"trust": 1.8,
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"trust": 1.7,
"url": "http://rhn.redhat.com/errata/rhsa-2012-1392.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00011.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00023.html"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=135542848327757\u0026w=2"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00010.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00022.html"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
},
{
"trust": 1.7,
"url": "http://rhn.redhat.com/errata/rhsa-2012-1465.html"
},
{
"trust": 1.7,
"url": "http://rhn.redhat.com/errata/rhsa-2012-1466.html"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=135758563611658\u0026w=2"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/51029"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/51028"
},
{
"trust": 1.7,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hs12-023/index.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/51141"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/51438"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/51328"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/51326"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/51393"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/51390"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/51315"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/51313"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/51327"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/51166"
},
{
"trust": 1.7,
"url": "http://rhn.redhat.com/errata/rhsa-2013-1455.html"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a16538"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3216"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5073"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5071"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5081"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5072"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5069"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5084"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3216"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20121017-jre.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3216"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5077"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5075"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1531"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5086"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5068"
},
{
"trust": 0.7,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5073.html"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5079"
},
{
"trust": 0.7,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5079.html"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.7,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5081.html"
},
{
"trust": 0.7,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.7,
"url": "https://www.redhat.com/security/data/cve/cve-2012-3216.html"
},
{
"trust": 0.7,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5084.html"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.7,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1533"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4416"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5089"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1532"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5072.html"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5089.html"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5071.html"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5069.html"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5075.html"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/knowledge/articles/11258"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3143"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3159"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5083"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5086.html"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5085"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5068.html"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5077.html"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5085.html"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2012-4416.html"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5087"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2012-1531.html"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5083.html"
},
{
"trust": 0.3,
"url": "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-october/020571.html"
},
{
"trust": 0.3,
"url": "http://support.apple.com/kb/ht5549"
},
{
"trust": 0.3,
"url": "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-october/020556.html"
},
{
"trust": 0.3,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/security/info/vuls/hs12-023/index.html"
},
{
"trust": 0.3,
"url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_fixed_in_java"
},
{
"trust": 0.3,
"url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_fixed_in_java1"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/connections/blogs/psirt/entry/security_bulletin_vulnerabilities_in_rational_functional_tester_versions_8_x_due_to_security_vulnerabilities_in_ibm_jre_7_0_service_release_2_or_e"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-213-02"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100168011"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100168009"
},
{
"trust": 0.3,
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c03595351"
},
{
"trust": 0.3,
"url": "http://h20565.www2.hp.com/portal/site/hpsc/template.page/public/kb/docdisplay/?docid=emr_na-c03909126-1\u0026ac.admitted=1378134276525.876444892.492883150"
},
{
"trust": 0.3,
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c03596813"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621951"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621771"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21617321"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21617323"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21635864"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21637519"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21618977"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21625941"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21636462"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21619418"
},
{
"trust": 0.3,
"url": "http://www.vmware.com/security/advisories/vmsa-2013-0003.html"
},
{
"trust": 0.3,
"url": "http://www.vmware.com/security/advisories/vmsa-2013-0006.html"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621959"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621958"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2012-4820.html"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4820"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4822"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2012-4822.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2012-1532.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2012-3159.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2012-1533.html"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1718"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2012-3143.html"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5070"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5070.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5076.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5074.html"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5076"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5088"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5088.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5087.html"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5074"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2469"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2443"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1717"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1716"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0505"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1518"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2419"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3829"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5829"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5804"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1485"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5806"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5087"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2422"
},
{
"trust": 0.2,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5075"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2426"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5084"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1711"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2461"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5820"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2470"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0547"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2451"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2459"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5823"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2460"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1713"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5784"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5830"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5800"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2456"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5803"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5086"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2383"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2423"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2447"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2452"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2445"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2450"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5778"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5780"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5073"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1493"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2446"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5069"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-5035"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1500"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5850"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2384"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1557"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2453"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0401"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5085"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2407"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2421"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2429"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5068"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5071"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0497"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5774"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5782"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1725"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5790"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5805"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5802"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5849"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1719"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2448"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2458"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5825"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0506"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1484"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2430"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2415"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3216"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1718"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5772"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5074"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2454"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2444"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5072"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2436"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4416"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1537"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2449"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0503"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2457"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0169"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3563"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0809"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5077"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1723"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1726"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1571"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5081"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5840"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5851"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2465"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2431"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2473"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5783"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2463"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2412"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5809"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2420"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0501"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2417"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2471"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2424"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5076"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5842"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1569"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1724"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5797"
},
{
"trust": 0.2,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5070"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1486"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2472"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1488"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0502"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5814"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5817"
},
{
"trust": 0.2,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2455"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5089"
},
{
"trust": 0.2,
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4823"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1541"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1719"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2012-4823.html"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0547"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2012-1718.html"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1717"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1722"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1716"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1713"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1682"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1721"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5067.html"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5067"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2012:1485"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/1619-1/"
},
{
"trust": 0.1,
"url": "https://alas.aws.amazon.com/alas-2012-136.html"
},
{
"trust": 0.1,
"url": "http://support.apple.com/kb/ht1222"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "http://www.o"
},
{
"trust": 0.1,
"url": "http://gpgtools.org"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5979"
},
{
"trust": 0.1,
"url": "http://icedtea.classpath.org/hg/release/icedtea6-1.10/file/icedtea6-1.10.10/news"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4470"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3574"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3423"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3548"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0864"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3553"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2412"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3557"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2414"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4450"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0865"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4471"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3557"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3562"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3567"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4002"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1478"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-6954"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4476"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4540"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0429"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0441"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2421"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0870"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3554"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0862"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0706"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0434"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3568"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3561"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4467"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3567"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4465"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4472"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3556"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0425"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3568"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3548"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3541"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3549"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3571"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0426"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0457"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2783"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3573"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3552"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0451"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0459"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2423"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1876"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4469"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0431"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0458"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2548"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4448"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3521"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3564"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4465"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3569"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2403"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2548"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0871"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2398"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0815"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0444"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1475"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3554"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4469"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3564"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3569"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3573"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0461"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0427"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3548"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2427"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3541"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3549"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0872"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0429"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3860"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3422"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0433"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3554"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3574"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4470"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0822"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3553"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3551"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0025"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1476"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0435"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3544"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0456"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4450"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0450"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4467"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0460"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3547"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-6629"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4448"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2783"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3560"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1480"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4351"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0428"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0869"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3551"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2397"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0452"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3553"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3558"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0446"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0453"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3860"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3561"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0868"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0440"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0443"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3389"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4351"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3551"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3557"
},
{
"trust": 0.1,
"url": "http://h18012.www1.hp.com/java/alpha"
},
{
"trust": 0.1,
"url": "http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.1,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.1,
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2012-1485.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2468.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1540.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1476.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2463.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2446.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3342"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/site/articles/11258"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1500.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0428.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1480.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2419.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0401.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2444.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0425.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2454.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-1722.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0419.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2422.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-1721.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0409.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0423.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0443.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2451.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0809.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1487.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0351.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0427.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1569.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0433.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1493.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2435.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2456.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-3743.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2407.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2470.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-1541.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1557.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1725"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2471.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2429.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3213"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2443.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0551"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-1713.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-3213.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0441.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2457.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2412.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0432.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0446.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1481.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1537.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-1717.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2432.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2447.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2452.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0450.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1491.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2464.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1571.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2383.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2418.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1473.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-0547.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1563.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2465.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2472.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2466.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2424.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2453.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2473.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2433.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2437.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-1716.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-3342.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0426.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2450.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0440.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-1725.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2417.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0445.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2394.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2455.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-1682.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2442.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2459.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2430.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0442.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-0551.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0424.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2448.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-1719.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1486.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2384.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0169.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2469.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0438.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1478.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0435.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0434.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2420.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2440.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0507"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5870"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0503"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0419"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1558"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5818"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1541"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5889"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0449"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2440"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1540"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0385"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2427"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2437"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0445"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0500"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2468"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3743"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0422"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0501"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5893"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3159"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3174"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5888"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0437"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0373"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0351"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5789"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0504"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1682"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5899"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5801"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0423"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5832"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5848"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0428"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0415"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2400"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1564"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3143"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0448"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0438"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5810"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5905"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201401-30.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5904"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5831"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0422"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3744"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5854"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2394"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0498"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5852"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5777"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0499"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0499"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0409"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2428"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4681"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2462"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0423"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5083"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0375"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2439"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2416"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3136"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0376"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5824"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3342"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5776"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1531"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0417"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0504"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1723"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5819"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0507"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1722"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5895"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2466"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0403"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0446"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-5035"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2418"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5788"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0416"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1473"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5887"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0418"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0410"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0368"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2425"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0500"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5902"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0387"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0502"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1533"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2438"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1721"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0382"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5812"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3213"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5846"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0497"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5775"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5787"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5898"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1481"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2433"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5844"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5906"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1711"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1532"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1561"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2435"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1491"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5910"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1487"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5907"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5896"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5843"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5067"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0498"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2414"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2467"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5079"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0411"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1479"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2434"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2464"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5878"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0505"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0408"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0402"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0506"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5838"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0430"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5088"
},
{
"trust": 0.1,
"url": "http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.5/news"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2012-1384.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-4821.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4821"
},
{
"trust": 0.1,
"url": "http://icedtea.classpath.org/hg/release/icedtea7-2.3/file/icedtea-2.3.3/news"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-3216"
},
{
"db": "BID",
"id": "56075"
},
{
"db": "PACKETSTORM",
"id": "117455"
},
{
"db": "PACKETSTORM",
"id": "117454"
},
{
"db": "PACKETSTORM",
"id": "127267"
},
{
"db": "PACKETSTORM",
"id": "119308"
},
{
"db": "PACKETSTORM",
"id": "118306"
},
{
"db": "PACKETSTORM",
"id": "123735"
},
{
"db": "PACKETSTORM",
"id": "124943"
},
{
"db": "PACKETSTORM",
"id": "117477"
},
{
"db": "PACKETSTORM",
"id": "117453"
},
{
"db": "PACKETSTORM",
"id": "118142"
},
{
"db": "PACKETSTORM",
"id": "117452"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-278"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004959"
},
{
"db": "NVD",
"id": "CVE-2012-3216"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULMON",
"id": "CVE-2012-3216",
"ident": null
},
{
"db": "BID",
"id": "56075",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "117455",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "117454",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "127267",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "119308",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "118306",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "123735",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "124943",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "117477",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "117453",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "118142",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "117452",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201210-278",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004959",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2012-3216",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2012-10-16T00:00:00",
"db": "VULMON",
"id": "CVE-2012-3216",
"ident": null
},
{
"date": "2012-10-16T00:00:00",
"db": "BID",
"id": "56075",
"ident": null
},
{
"date": "2012-10-16T19:22:22",
"db": "PACKETSTORM",
"id": "117455",
"ident": null
},
{
"date": "2012-10-18T06:07:56",
"db": "PACKETSTORM",
"id": "117454",
"ident": null
},
{
"date": "2014-06-30T23:39:28",
"db": "PACKETSTORM",
"id": "127267",
"ident": null
},
{
"date": "2013-01-08T04:16:56",
"db": "PACKETSTORM",
"id": "119308",
"ident": null
},
{
"date": "2012-11-23T16:21:12",
"db": "PACKETSTORM",
"id": "118306",
"ident": null
},
{
"date": "2013-10-23T22:58:21",
"db": "PACKETSTORM",
"id": "123735",
"ident": null
},
{
"date": "2014-01-27T18:30:13",
"db": "PACKETSTORM",
"id": "124943",
"ident": null
},
{
"date": "2012-10-18T22:02:02",
"db": "PACKETSTORM",
"id": "117477",
"ident": null
},
{
"date": "2012-10-18T06:07:33",
"db": "PACKETSTORM",
"id": "117453",
"ident": null
},
{
"date": "2012-11-16T07:06:23",
"db": "PACKETSTORM",
"id": "118142",
"ident": null
},
{
"date": "2012-10-18T06:07:00",
"db": "PACKETSTORM",
"id": "117452",
"ident": null
},
{
"date": "2012-10-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201210-278",
"ident": null
},
{
"date": "2012-10-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-004959",
"ident": null
},
{
"date": "2012-10-16T21:55:01.493000",
"db": "NVD",
"id": "CVE-2012-3216",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2017-09-19T00:00:00",
"db": "VULMON",
"id": "CVE-2012-3216",
"ident": null
},
{
"date": "2015-04-13T22:05:00",
"db": "BID",
"id": "56075",
"ident": null
},
{
"date": "2022-05-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201210-278",
"ident": null
},
{
"date": "2015-08-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-004959",
"ident": null
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2012-3216",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "119308"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-278"
}
],
"trust": 0.7
},
"title": {
"_id": null,
"data": "Oracle Java SE of Java Runtime Environment Vulnerability in library processing",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-004959"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "56075"
}
],
"trust": 0.3
}
}
VAR-201507-0303
Vulnerability from variot - Updated: 2026-04-10 22:38Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.23 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges. Oracle MySQL Server is an open source relational database management system developed by Oracle Corporation. The database system has the characteristics of high performance, low cost and good reliability. 5 client) - i386, x86_64
- ============================================================================ Ubuntu Security Notice USN-2674-1 July 21, 2015
mysql-5.5, mysql-5.6 vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 15.04
- Ubuntu 14.10
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in MySQL.
MySQL has been updated to 5.5.44 in Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 14.10.
In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.
Please see the following for more information: http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-44.html http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-25.html http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 15.04: mysql-server-5.6 5.6.25-0ubuntu0.15.04.1
Ubuntu 14.10: mysql-server-5.5 5.5.44-0ubuntu0.14.10.1
Ubuntu 14.04 LTS: mysql-server-5.5 5.5.44-0ubuntu0.14.04.1
Ubuntu 12.04 LTS: mysql-server-5.5 5.5.44-0ubuntu0.12.04.1
In general, a standard system update will make all the necessary changes.
For the stable distribution (jessie), these problems have been fixed in version 5.5.44-0+deb8u1.
Gentoo Linux Security Advisory GLSA 201610-06
https://security.gentoo.org/
Severity: Normal Title: MySQL and MariaDB: Multiple vulnerabilities Date: October 11, 2016 Bugs: #546724, #555478, #555480, #564170, #564442, #572870, #580832, #580834, #589238, #589346, #593608 ID: 201610-06
Synopsis
Multiple vulnerabilities have been found in MySQL and MariaDB, the worst of which could allow remote attackers to cause a Denial of Service condition or obtain sensitive information. MariaDB is an enhanced, drop-in replacement for MySQL.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-db/mysql < 5.6.31 >= 5.6.31 2 dev-db/mariadb < 10.0.27 *> 5.5.51 3 dev-db/mariab >= 10.0.27 ------------------------------------------------------------------- 3 affected packages
Description
Multiple vulnerabilities have been discovered in MySQL and MariaDB. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All MySQL users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-db/mysql-5.6.31"
All MariaDB users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-db/mariadb-10.0.27"
References
[ 1 ] CVE-2015-2582 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2582 [ 2 ] CVE-2015-2611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2611 [ 3 ] CVE-2015-2617 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2617 [ 4 ] CVE-2015-2620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2620 [ 5 ] CVE-2015-2639 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2639 [ 6 ] CVE-2015-2641 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2641 [ 7 ] CVE-2015-2643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2643 [ 8 ] CVE-2015-2648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2648 [ 9 ] CVE-2015-2661 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2661 [ 10 ] CVE-2015-4737 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4737 [ 11 ] CVE-2015-4752 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4752 [ 12 ] CVE-2015-4756 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4756 [ 13 ] CVE-2015-4757 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4757 [ 14 ] CVE-2015-4767 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4767 [ 15 ] CVE-2015-4769 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4769 [ 16 ] CVE-2015-4771 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4771 [ 17 ] CVE-2015-4772 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4772
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201610-06
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Moderate: mariadb security update Advisory ID: RHSA-2015:1665-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-1665.html Issue date: 2015-08-24 CVE Names: CVE-2015-0433 CVE-2015-0441 CVE-2015-0499 CVE-2015-0501 CVE-2015-0505 CVE-2015-2568 CVE-2015-2571 CVE-2015-2573 CVE-2015-2582 CVE-2015-2620 CVE-2015-2643 CVE-2015-2648 CVE-2015-3152 CVE-2015-4737 CVE-2015-4752 CVE-2015-4757 =====================================================================
- Summary:
Updated mariadb packages that fix several security issues are now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
- Description:
MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL.
It was found that the MySQL client library permitted but did not require a client to use SSL/TLS when establishing a secure connection to a MySQL server using the "--ssl" option. A man-in-the-middle attacker could use this flaw to strip the SSL/TLS protection from a connection between a client and a server. (CVE-2015-3152)
This update fixes several vulnerabilities in the MariaDB database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. (CVE-2015-0501, CVE-2015-2568, CVE-2015-0499, CVE-2015-2571, CVE-2015-0433, CVE-2015-0441, CVE-2015-0505, CVE-2015-2573, CVE-2015-2582, CVE-2015-2620, CVE-2015-2643, CVE-2015-2648, CVE-2015-4737, CVE-2015-4752, CVE-2015-4757)
These updated packages upgrade MariaDB to version 5.5.44. Refer to the MariaDB Release Notes listed in the References section for a complete list of changes.
All MariaDB users should upgrade to these updated packages, which correct these issues. After installing this update, the MariaDB server daemon (mysqld) will be restarted automatically.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1212758 - CVE-2015-0501 mysql: unspecified vulnerability related to Server:Compiling (CPU April 2015) 1212763 - CVE-2015-2568 mysql: unspecified vulnerability related to Server:Security:Privileges (CPU April 2015) 1212768 - CVE-2015-0499 mysql: unspecified vulnerability related to Server:Federated (CPU April 2015) 1212772 - CVE-2015-2571 mysql: unspecified vulnerability related to Server:Optimizer (CPU April 2015) 1212776 - CVE-2015-0433 mysql: unspecified vulnerability related to Server:InnoDB:DML (CPU April 2015) 1212777 - CVE-2015-0441 mysql: unspecified vulnerability related to Server:Security:Encryption (CPU April 2015) 1212780 - CVE-2015-0505 mysql: unspecified vulnerability related to Server:DDL (CPU April 2015) 1212783 - CVE-2015-2573 mysql: unspecified vulnerability related to Server:DDL (CPU April 2015) 1217506 - CVE-2015-3152 mysql: use of SSL/TLS can not be enforced in mysql client library (oCERT-2015-003, BACKRONYM) 1244768 - CVE-2015-2582 mysql: unspecified vulnerability related to Server:GIS (CPU July 2015) 1244771 - CVE-2015-2620 mysql: unspecified vulnerability related to Server:Security:Privileges (CPU July 2015) 1244774 - CVE-2015-2643 mysql: unspecified vulnerability related to Server:Optimizer (CPU July 2015) 1244775 - CVE-2015-2648 mysql: unspecified vulnerability related to Server:DML (CPU July 2015) 1244778 - CVE-2015-4737 mysql: unspecified vulnerability related to Server:Pluggable Auth (CPU July 2015) 1244779 - CVE-2015-4752 mysql: unspecified vulnerability related to Server:I_S (CPU July 2015) 1244781 - CVE-2015-4757 mysql: unspecified vulnerability related to Server:Optimizer (CPU July 2015)
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source: mariadb-5.5.44-1.el7_1.src.rpm
x86_64: mariadb-5.5.44-1.el7_1.x86_64.rpm mariadb-debuginfo-5.5.44-1.el7_1.i686.rpm mariadb-debuginfo-5.5.44-1.el7_1.x86_64.rpm mariadb-libs-5.5.44-1.el7_1.i686.rpm mariadb-libs-5.5.44-1.el7_1.x86_64.rpm mariadb-server-5.5.44-1.el7_1.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: mariadb-bench-5.5.44-1.el7_1.x86_64.rpm mariadb-debuginfo-5.5.44-1.el7_1.i686.rpm mariadb-debuginfo-5.5.44-1.el7_1.x86_64.rpm mariadb-devel-5.5.44-1.el7_1.i686.rpm mariadb-devel-5.5.44-1.el7_1.x86_64.rpm mariadb-embedded-5.5.44-1.el7_1.i686.rpm mariadb-embedded-5.5.44-1.el7_1.x86_64.rpm mariadb-embedded-devel-5.5.44-1.el7_1.i686.rpm mariadb-embedded-devel-5.5.44-1.el7_1.x86_64.rpm mariadb-test-5.5.44-1.el7_1.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: mariadb-5.5.44-1.el7_1.src.rpm
x86_64: mariadb-5.5.44-1.el7_1.x86_64.rpm mariadb-debuginfo-5.5.44-1.el7_1.i686.rpm mariadb-debuginfo-5.5.44-1.el7_1.x86_64.rpm mariadb-libs-5.5.44-1.el7_1.i686.rpm mariadb-libs-5.5.44-1.el7_1.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: mariadb-bench-5.5.44-1.el7_1.x86_64.rpm mariadb-debuginfo-5.5.44-1.el7_1.i686.rpm mariadb-debuginfo-5.5.44-1.el7_1.x86_64.rpm mariadb-devel-5.5.44-1.el7_1.i686.rpm mariadb-devel-5.5.44-1.el7_1.x86_64.rpm mariadb-embedded-5.5.44-1.el7_1.i686.rpm mariadb-embedded-5.5.44-1.el7_1.x86_64.rpm mariadb-embedded-devel-5.5.44-1.el7_1.i686.rpm mariadb-embedded-devel-5.5.44-1.el7_1.x86_64.rpm mariadb-server-5.5.44-1.el7_1.x86_64.rpm mariadb-test-5.5.44-1.el7_1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: mariadb-5.5.44-1.el7_1.src.rpm
ppc64: mariadb-5.5.44-1.el7_1.ppc64.rpm mariadb-bench-5.5.44-1.el7_1.ppc64.rpm mariadb-debuginfo-5.5.44-1.el7_1.ppc.rpm mariadb-debuginfo-5.5.44-1.el7_1.ppc64.rpm mariadb-devel-5.5.44-1.el7_1.ppc.rpm mariadb-devel-5.5.44-1.el7_1.ppc64.rpm mariadb-libs-5.5.44-1.el7_1.ppc.rpm mariadb-libs-5.5.44-1.el7_1.ppc64.rpm mariadb-server-5.5.44-1.el7_1.ppc64.rpm mariadb-test-5.5.44-1.el7_1.ppc64.rpm
s390x: mariadb-5.5.44-1.el7_1.s390x.rpm mariadb-bench-5.5.44-1.el7_1.s390x.rpm mariadb-debuginfo-5.5.44-1.el7_1.s390.rpm mariadb-debuginfo-5.5.44-1.el7_1.s390x.rpm mariadb-devel-5.5.44-1.el7_1.s390.rpm mariadb-devel-5.5.44-1.el7_1.s390x.rpm mariadb-libs-5.5.44-1.el7_1.s390.rpm mariadb-libs-5.5.44-1.el7_1.s390x.rpm mariadb-server-5.5.44-1.el7_1.s390x.rpm mariadb-test-5.5.44-1.el7_1.s390x.rpm
x86_64: mariadb-5.5.44-1.el7_1.x86_64.rpm mariadb-bench-5.5.44-1.el7_1.x86_64.rpm mariadb-debuginfo-5.5.44-1.el7_1.i686.rpm mariadb-debuginfo-5.5.44-1.el7_1.x86_64.rpm mariadb-devel-5.5.44-1.el7_1.i686.rpm mariadb-devel-5.5.44-1.el7_1.x86_64.rpm mariadb-libs-5.5.44-1.el7_1.i686.rpm mariadb-libs-5.5.44-1.el7_1.x86_64.rpm mariadb-server-5.5.44-1.el7_1.x86_64.rpm mariadb-test-5.5.44-1.el7_1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: mariadb-5.5.44-1.ael7b_1.src.rpm
ppc64le: mariadb-5.5.44-1.ael7b_1.ppc64le.rpm mariadb-bench-5.5.44-1.ael7b_1.ppc64le.rpm mariadb-debuginfo-5.5.44-1.ael7b_1.ppc64le.rpm mariadb-devel-5.5.44-1.ael7b_1.ppc64le.rpm mariadb-libs-5.5.44-1.ael7b_1.ppc64le.rpm mariadb-server-5.5.44-1.ael7b_1.ppc64le.rpm mariadb-test-5.5.44-1.ael7b_1.ppc64le.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: mariadb-debuginfo-5.5.44-1.el7_1.ppc.rpm mariadb-debuginfo-5.5.44-1.el7_1.ppc64.rpm mariadb-embedded-5.5.44-1.el7_1.ppc.rpm mariadb-embedded-5.5.44-1.el7_1.ppc64.rpm mariadb-embedded-devel-5.5.44-1.el7_1.ppc.rpm mariadb-embedded-devel-5.5.44-1.el7_1.ppc64.rpm
s390x: mariadb-debuginfo-5.5.44-1.el7_1.s390.rpm mariadb-debuginfo-5.5.44-1.el7_1.s390x.rpm mariadb-embedded-5.5.44-1.el7_1.s390.rpm mariadb-embedded-5.5.44-1.el7_1.s390x.rpm mariadb-embedded-devel-5.5.44-1.el7_1.s390.rpm mariadb-embedded-devel-5.5.44-1.el7_1.s390x.rpm
x86_64: mariadb-debuginfo-5.5.44-1.el7_1.i686.rpm mariadb-debuginfo-5.5.44-1.el7_1.x86_64.rpm mariadb-embedded-5.5.44-1.el7_1.i686.rpm mariadb-embedded-5.5.44-1.el7_1.x86_64.rpm mariadb-embedded-devel-5.5.44-1.el7_1.i686.rpm mariadb-embedded-devel-5.5.44-1.el7_1.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64le: mariadb-debuginfo-5.5.44-1.ael7b_1.ppc64le.rpm mariadb-embedded-5.5.44-1.ael7b_1.ppc64le.rpm mariadb-embedded-devel-5.5.44-1.ael7b_1.ppc64le.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: mariadb-5.5.44-1.el7_1.src.rpm
x86_64: mariadb-5.5.44-1.el7_1.x86_64.rpm mariadb-bench-5.5.44-1.el7_1.x86_64.rpm mariadb-debuginfo-5.5.44-1.el7_1.i686.rpm mariadb-debuginfo-5.5.44-1.el7_1.x86_64.rpm mariadb-devel-5.5.44-1.el7_1.i686.rpm mariadb-devel-5.5.44-1.el7_1.x86_64.rpm mariadb-libs-5.5.44-1.el7_1.i686.rpm mariadb-libs-5.5.44-1.el7_1.x86_64.rpm mariadb-server-5.5.44-1.el7_1.x86_64.rpm mariadb-test-5.5.44-1.el7_1.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: mariadb-debuginfo-5.5.44-1.el7_1.i686.rpm mariadb-debuginfo-5.5.44-1.el7_1.x86_64.rpm mariadb-embedded-5.5.44-1.el7_1.i686.rpm mariadb-embedded-5.5.44-1.el7_1.x86_64.rpm mariadb-embedded-devel-5.5.44-1.el7_1.i686.rpm mariadb-embedded-devel-5.5.44-1.el7_1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2015-0433 https://access.redhat.com/security/cve/CVE-2015-0441 https://access.redhat.com/security/cve/CVE-2015-0499 https://access.redhat.com/security/cve/CVE-2015-0501 https://access.redhat.com/security/cve/CVE-2015-0505 https://access.redhat.com/security/cve/CVE-2015-2568 https://access.redhat.com/security/cve/CVE-2015-2571 https://access.redhat.com/security/cve/CVE-2015-2573 https://access.redhat.com/security/cve/CVE-2015-2582 https://access.redhat.com/security/cve/CVE-2015-2620 https://access.redhat.com/security/cve/CVE-2015-2643 https://access.redhat.com/security/cve/CVE-2015-2648 https://access.redhat.com/security/cve/CVE-2015-3152 https://access.redhat.com/security/cve/CVE-2015-4737 https://access.redhat.com/security/cve/CVE-2015-4752 https://access.redhat.com/security/cve/CVE-2015-4757 https://access.redhat.com/security/updates/classification/#moderate http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL https://mariadb.com/kb/en/mariadb/mariadb-5544-release-notes/
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFV228TXlSAg2UNWIIRAm1mAJ0bzbWNcno0Sy/+xCRBh61u0Og5LQCfYvOB tzK/FpD+vNcUAhqnRuiFgiM= =BpLD -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "mysql",
"scope": "lte",
"trust": 1.8,
"vendor": "oracle",
"version": "5.5.43"
},
{
"_id": null,
"model": "mysql",
"scope": "lte",
"trust": 1.8,
"vendor": "oracle",
"version": "5.6.23"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "11.3"
},
{
"_id": null,
"model": "mariadb",
"scope": "gte",
"trust": 1.0,
"vendor": "mariadb",
"version": "5.5.0"
},
{
"_id": null,
"model": "mysql",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "5.5.0"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "15.04"
},
{
"_id": null,
"model": "junos space",
"scope": "lte",
"trust": 1.0,
"vendor": "juniper",
"version": "15.1"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.10"
},
{
"_id": null,
"model": "mariadb",
"scope": "gte",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.0.0"
},
{
"_id": null,
"model": "mariadb",
"scope": "lt",
"trust": 1.0,
"vendor": "mariadb",
"version": "5.5.44"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.04"
},
{
"_id": null,
"model": "mysql",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "5.6.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"_id": null,
"model": "mariadb",
"scope": "lt",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.0.20"
},
{
"_id": null,
"model": "mysql",
"scope": "lte",
"trust": 0.8,
"vendor": "mysql ab",
"version": "5.5.9"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "5.6.23"
},
{
"_id": null,
"model": "mysql",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "5.5.43"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201507-518"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003712"
},
{
"db": "NVD",
"id": "CVE-2015-2620"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:oracle:mysql",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003712"
}
]
},
"credits": {
"_id": null,
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "133092"
},
{
"db": "PACKETSTORM",
"id": "133090"
},
{
"db": "PACKETSTORM",
"id": "133091"
},
{
"db": "PACKETSTORM",
"id": "133232"
},
{
"db": "PACKETSTORM",
"id": "133233"
},
{
"db": "PACKETSTORM",
"id": "133276"
}
],
"trust": 0.6
},
"cve": "CVE-2015-2620",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-2620",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 3.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2015-2620",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-80581",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-2620",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-2620",
"trust": 0.8,
"value": "Low"
},
{
"author": "CNNVD",
"id": "CNNVD-201507-518",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-80581",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2015-2620",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-80581"
},
{
"db": "VULMON",
"id": "CVE-2015-2620"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-518"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003712"
},
{
"db": "NVD",
"id": "CVE-2015-2620"
}
]
},
"description": {
"_id": null,
"data": "Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.23 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges. Oracle MySQL Server is an open source relational database management system developed by Oracle Corporation. The database system has the characteristics of high performance, low cost and good reliability. 5 client) - i386, x86_64\n\n3. ============================================================================\nUbuntu Security Notice USN-2674-1\nJuly 21, 2015\n\nmysql-5.5, mysql-5.6 vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 15.04\n- Ubuntu 14.10\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in MySQL. \n\nMySQL has been updated to 5.5.44 in Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and\nUbuntu 14.10. \n\nIn addition to security fixes, the updated packages contain bug fixes,\nnew features, and possibly incompatible changes. \n\nPlease see the following for more information:\nhttp://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-44.html\nhttp://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-25.html\nhttp://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 15.04:\n mysql-server-5.6 5.6.25-0ubuntu0.15.04.1\n\nUbuntu 14.10:\n mysql-server-5.5 5.5.44-0ubuntu0.14.10.1\n\nUbuntu 14.04 LTS:\n mysql-server-5.5 5.5.44-0ubuntu0.14.04.1\n\nUbuntu 12.04 LTS:\n mysql-server-5.5 5.5.44-0ubuntu0.12.04.1\n\nIn general, a standard system update will make all the necessary changes. \n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 5.5.44-0+deb8u1. \n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201610-06\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: MySQL and MariaDB: Multiple vulnerabilities\n Date: October 11, 2016\n Bugs: #546724, #555478, #555480, #564170, #564442, #572870,\n #580832, #580834, #589238, #589346, #593608\n ID: 201610-06\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in MySQL and MariaDB, the\nworst of which could allow remote attackers to cause a Denial of\nService condition or obtain sensitive information. MariaDB is an\nenhanced, drop-in replacement for MySQL. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-db/mysql \u003c 5.6.31 \u003e= 5.6.31\n 2 dev-db/mariadb \u003c 10.0.27 *\u003e 5.5.51\n 3 dev-db/mariab \u003e= 10.0.27\n -------------------------------------------------------------------\n 3 affected packages\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in MySQL and MariaDB. \nPlease review the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll MySQL users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-db/mysql-5.6.31\"\n\nAll MariaDB users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-db/mariadb-10.0.27\"\n\nReferences\n==========\n\n[ 1 ] CVE-2015-2582\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2582\n[ 2 ] CVE-2015-2611\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2611\n[ 3 ] CVE-2015-2617\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2617\n[ 4 ] CVE-2015-2620\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2620\n[ 5 ] CVE-2015-2639\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2639\n[ 6 ] CVE-2015-2641\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2641\n[ 7 ] CVE-2015-2643\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2643\n[ 8 ] CVE-2015-2648\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2648\n[ 9 ] CVE-2015-2661\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2661\n[ 10 ] CVE-2015-4737\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4737\n[ 11 ] CVE-2015-4752\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4752\n[ 12 ] CVE-2015-4756\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4756\n[ 13 ] CVE-2015-4757\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4757\n[ 14 ] CVE-2015-4767\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4767\n[ 15 ] CVE-2015-4769\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4769\n[ 16 ] CVE-2015-4771\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4771\n[ 17 ] CVE-2015-4772\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4772\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201610-06\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Moderate: mariadb security update\nAdvisory ID: RHSA-2015:1665-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2015-1665.html\nIssue date: 2015-08-24\nCVE Names: CVE-2015-0433 CVE-2015-0441 CVE-2015-0499 \n CVE-2015-0501 CVE-2015-0505 CVE-2015-2568 \n CVE-2015-2571 CVE-2015-2573 CVE-2015-2582 \n CVE-2015-2620 CVE-2015-2643 CVE-2015-2648 \n CVE-2015-3152 CVE-2015-4737 CVE-2015-4752 \n CVE-2015-4757 \n=====================================================================\n\n1. Summary:\n\nUpdated mariadb packages that fix several security issues are now available\nfor Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nMariaDB is a multi-user, multi-threaded SQL database server that is binary\ncompatible with MySQL. \n\nIt was found that the MySQL client library permitted but did not require\na client to use SSL/TLS when establishing a secure connection to a MySQL\nserver using the \"--ssl\" option. A man-in-the-middle attacker\ncould use this flaw to strip the SSL/TLS protection from a connection\nbetween a client and a server. (CVE-2015-3152)\n\nThis update fixes several vulnerabilities in the MariaDB database server. \nInformation about these flaws can be found on the Oracle Critical Patch\nUpdate Advisory page, listed in the References section. (CVE-2015-0501,\nCVE-2015-2568, CVE-2015-0499, CVE-2015-2571, CVE-2015-0433, CVE-2015-0441,\nCVE-2015-0505, CVE-2015-2573, CVE-2015-2582, CVE-2015-2620, CVE-2015-2643,\nCVE-2015-2648, CVE-2015-4737, CVE-2015-4752, CVE-2015-4757)\n\nThese updated packages upgrade MariaDB to version 5.5.44. Refer to the\nMariaDB Release Notes listed in the References section for a complete list\nof changes. \n\nAll MariaDB users should upgrade to these updated packages, which correct\nthese issues. After installing this update, the MariaDB server daemon\n(mysqld) will be restarted automatically. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1212758 - CVE-2015-0501 mysql: unspecified vulnerability related to Server:Compiling (CPU April 2015)\n1212763 - CVE-2015-2568 mysql: unspecified vulnerability related to Server:Security:Privileges (CPU April 2015)\n1212768 - CVE-2015-0499 mysql: unspecified vulnerability related to Server:Federated (CPU April 2015)\n1212772 - CVE-2015-2571 mysql: unspecified vulnerability related to Server:Optimizer (CPU April 2015)\n1212776 - CVE-2015-0433 mysql: unspecified vulnerability related to Server:InnoDB:DML (CPU April 2015)\n1212777 - CVE-2015-0441 mysql: unspecified vulnerability related to Server:Security:Encryption (CPU April 2015)\n1212780 - CVE-2015-0505 mysql: unspecified vulnerability related to Server:DDL (CPU April 2015)\n1212783 - CVE-2015-2573 mysql: unspecified vulnerability related to Server:DDL (CPU April 2015)\n1217506 - CVE-2015-3152 mysql: use of SSL/TLS can not be enforced in mysql client library (oCERT-2015-003, BACKRONYM)\n1244768 - CVE-2015-2582 mysql: unspecified vulnerability related to Server:GIS (CPU July 2015)\n1244771 - CVE-2015-2620 mysql: unspecified vulnerability related to Server:Security:Privileges (CPU July 2015)\n1244774 - CVE-2015-2643 mysql: unspecified vulnerability related to Server:Optimizer (CPU July 2015)\n1244775 - CVE-2015-2648 mysql: unspecified vulnerability related to Server:DML (CPU July 2015)\n1244778 - CVE-2015-4737 mysql: unspecified vulnerability related to Server:Pluggable Auth (CPU July 2015)\n1244779 - CVE-2015-4752 mysql: unspecified vulnerability related to Server:I_S (CPU July 2015)\n1244781 - CVE-2015-4757 mysql: unspecified vulnerability related to Server:Optimizer (CPU July 2015)\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nmariadb-5.5.44-1.el7_1.src.rpm\n\nx86_64:\nmariadb-5.5.44-1.el7_1.x86_64.rpm\nmariadb-debuginfo-5.5.44-1.el7_1.i686.rpm\nmariadb-debuginfo-5.5.44-1.el7_1.x86_64.rpm\nmariadb-libs-5.5.44-1.el7_1.i686.rpm\nmariadb-libs-5.5.44-1.el7_1.x86_64.rpm\nmariadb-server-5.5.44-1.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nmariadb-bench-5.5.44-1.el7_1.x86_64.rpm\nmariadb-debuginfo-5.5.44-1.el7_1.i686.rpm\nmariadb-debuginfo-5.5.44-1.el7_1.x86_64.rpm\nmariadb-devel-5.5.44-1.el7_1.i686.rpm\nmariadb-devel-5.5.44-1.el7_1.x86_64.rpm\nmariadb-embedded-5.5.44-1.el7_1.i686.rpm\nmariadb-embedded-5.5.44-1.el7_1.x86_64.rpm\nmariadb-embedded-devel-5.5.44-1.el7_1.i686.rpm\nmariadb-embedded-devel-5.5.44-1.el7_1.x86_64.rpm\nmariadb-test-5.5.44-1.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nmariadb-5.5.44-1.el7_1.src.rpm\n\nx86_64:\nmariadb-5.5.44-1.el7_1.x86_64.rpm\nmariadb-debuginfo-5.5.44-1.el7_1.i686.rpm\nmariadb-debuginfo-5.5.44-1.el7_1.x86_64.rpm\nmariadb-libs-5.5.44-1.el7_1.i686.rpm\nmariadb-libs-5.5.44-1.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nmariadb-bench-5.5.44-1.el7_1.x86_64.rpm\nmariadb-debuginfo-5.5.44-1.el7_1.i686.rpm\nmariadb-debuginfo-5.5.44-1.el7_1.x86_64.rpm\nmariadb-devel-5.5.44-1.el7_1.i686.rpm\nmariadb-devel-5.5.44-1.el7_1.x86_64.rpm\nmariadb-embedded-5.5.44-1.el7_1.i686.rpm\nmariadb-embedded-5.5.44-1.el7_1.x86_64.rpm\nmariadb-embedded-devel-5.5.44-1.el7_1.i686.rpm\nmariadb-embedded-devel-5.5.44-1.el7_1.x86_64.rpm\nmariadb-server-5.5.44-1.el7_1.x86_64.rpm\nmariadb-test-5.5.44-1.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nmariadb-5.5.44-1.el7_1.src.rpm\n\nppc64:\nmariadb-5.5.44-1.el7_1.ppc64.rpm\nmariadb-bench-5.5.44-1.el7_1.ppc64.rpm\nmariadb-debuginfo-5.5.44-1.el7_1.ppc.rpm\nmariadb-debuginfo-5.5.44-1.el7_1.ppc64.rpm\nmariadb-devel-5.5.44-1.el7_1.ppc.rpm\nmariadb-devel-5.5.44-1.el7_1.ppc64.rpm\nmariadb-libs-5.5.44-1.el7_1.ppc.rpm\nmariadb-libs-5.5.44-1.el7_1.ppc64.rpm\nmariadb-server-5.5.44-1.el7_1.ppc64.rpm\nmariadb-test-5.5.44-1.el7_1.ppc64.rpm\n\ns390x:\nmariadb-5.5.44-1.el7_1.s390x.rpm\nmariadb-bench-5.5.44-1.el7_1.s390x.rpm\nmariadb-debuginfo-5.5.44-1.el7_1.s390.rpm\nmariadb-debuginfo-5.5.44-1.el7_1.s390x.rpm\nmariadb-devel-5.5.44-1.el7_1.s390.rpm\nmariadb-devel-5.5.44-1.el7_1.s390x.rpm\nmariadb-libs-5.5.44-1.el7_1.s390.rpm\nmariadb-libs-5.5.44-1.el7_1.s390x.rpm\nmariadb-server-5.5.44-1.el7_1.s390x.rpm\nmariadb-test-5.5.44-1.el7_1.s390x.rpm\n\nx86_64:\nmariadb-5.5.44-1.el7_1.x86_64.rpm\nmariadb-bench-5.5.44-1.el7_1.x86_64.rpm\nmariadb-debuginfo-5.5.44-1.el7_1.i686.rpm\nmariadb-debuginfo-5.5.44-1.el7_1.x86_64.rpm\nmariadb-devel-5.5.44-1.el7_1.i686.rpm\nmariadb-devel-5.5.44-1.el7_1.x86_64.rpm\nmariadb-libs-5.5.44-1.el7_1.i686.rpm\nmariadb-libs-5.5.44-1.el7_1.x86_64.rpm\nmariadb-server-5.5.44-1.el7_1.x86_64.rpm\nmariadb-test-5.5.44-1.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nmariadb-5.5.44-1.ael7b_1.src.rpm\n\nppc64le:\nmariadb-5.5.44-1.ael7b_1.ppc64le.rpm\nmariadb-bench-5.5.44-1.ael7b_1.ppc64le.rpm\nmariadb-debuginfo-5.5.44-1.ael7b_1.ppc64le.rpm\nmariadb-devel-5.5.44-1.ael7b_1.ppc64le.rpm\nmariadb-libs-5.5.44-1.ael7b_1.ppc64le.rpm\nmariadb-server-5.5.44-1.ael7b_1.ppc64le.rpm\nmariadb-test-5.5.44-1.ael7b_1.ppc64le.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nmariadb-debuginfo-5.5.44-1.el7_1.ppc.rpm\nmariadb-debuginfo-5.5.44-1.el7_1.ppc64.rpm\nmariadb-embedded-5.5.44-1.el7_1.ppc.rpm\nmariadb-embedded-5.5.44-1.el7_1.ppc64.rpm\nmariadb-embedded-devel-5.5.44-1.el7_1.ppc.rpm\nmariadb-embedded-devel-5.5.44-1.el7_1.ppc64.rpm\n\ns390x:\nmariadb-debuginfo-5.5.44-1.el7_1.s390.rpm\nmariadb-debuginfo-5.5.44-1.el7_1.s390x.rpm\nmariadb-embedded-5.5.44-1.el7_1.s390.rpm\nmariadb-embedded-5.5.44-1.el7_1.s390x.rpm\nmariadb-embedded-devel-5.5.44-1.el7_1.s390.rpm\nmariadb-embedded-devel-5.5.44-1.el7_1.s390x.rpm\n\nx86_64:\nmariadb-debuginfo-5.5.44-1.el7_1.i686.rpm\nmariadb-debuginfo-5.5.44-1.el7_1.x86_64.rpm\nmariadb-embedded-5.5.44-1.el7_1.i686.rpm\nmariadb-embedded-5.5.44-1.el7_1.x86_64.rpm\nmariadb-embedded-devel-5.5.44-1.el7_1.i686.rpm\nmariadb-embedded-devel-5.5.44-1.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64le:\nmariadb-debuginfo-5.5.44-1.ael7b_1.ppc64le.rpm\nmariadb-embedded-5.5.44-1.ael7b_1.ppc64le.rpm\nmariadb-embedded-devel-5.5.44-1.ael7b_1.ppc64le.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nmariadb-5.5.44-1.el7_1.src.rpm\n\nx86_64:\nmariadb-5.5.44-1.el7_1.x86_64.rpm\nmariadb-bench-5.5.44-1.el7_1.x86_64.rpm\nmariadb-debuginfo-5.5.44-1.el7_1.i686.rpm\nmariadb-debuginfo-5.5.44-1.el7_1.x86_64.rpm\nmariadb-devel-5.5.44-1.el7_1.i686.rpm\nmariadb-devel-5.5.44-1.el7_1.x86_64.rpm\nmariadb-libs-5.5.44-1.el7_1.i686.rpm\nmariadb-libs-5.5.44-1.el7_1.x86_64.rpm\nmariadb-server-5.5.44-1.el7_1.x86_64.rpm\nmariadb-test-5.5.44-1.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nmariadb-debuginfo-5.5.44-1.el7_1.i686.rpm\nmariadb-debuginfo-5.5.44-1.el7_1.x86_64.rpm\nmariadb-embedded-5.5.44-1.el7_1.i686.rpm\nmariadb-embedded-5.5.44-1.el7_1.x86_64.rpm\nmariadb-embedded-devel-5.5.44-1.el7_1.i686.rpm\nmariadb-embedded-devel-5.5.44-1.el7_1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2015-0433\nhttps://access.redhat.com/security/cve/CVE-2015-0441\nhttps://access.redhat.com/security/cve/CVE-2015-0499\nhttps://access.redhat.com/security/cve/CVE-2015-0501\nhttps://access.redhat.com/security/cve/CVE-2015-0505\nhttps://access.redhat.com/security/cve/CVE-2015-2568\nhttps://access.redhat.com/security/cve/CVE-2015-2571\nhttps://access.redhat.com/security/cve/CVE-2015-2573\nhttps://access.redhat.com/security/cve/CVE-2015-2582\nhttps://access.redhat.com/security/cve/CVE-2015-2620\nhttps://access.redhat.com/security/cve/CVE-2015-2643\nhttps://access.redhat.com/security/cve/CVE-2015-2648\nhttps://access.redhat.com/security/cve/CVE-2015-3152\nhttps://access.redhat.com/security/cve/CVE-2015-4737\nhttps://access.redhat.com/security/cve/CVE-2015-4752\nhttps://access.redhat.com/security/cve/CVE-2015-4757\nhttps://access.redhat.com/security/updates/classification/#moderate\nhttp://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL\nhttp://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL\nhttps://mariadb.com/kb/en/mariadb/mariadb-5544-release-notes/\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2015 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFV228TXlSAg2UNWIIRAm1mAJ0bzbWNcno0Sy/+xCRBh61u0Og5LQCfYvOB\ntzK/FpD+vNcUAhqnRuiFgiM=\n=BpLD\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-2620"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003712"
},
{
"db": "VULHUB",
"id": "VHN-80581"
},
{
"db": "VULMON",
"id": "CVE-2015-2620"
},
{
"db": "PACKETSTORM",
"id": "133092"
},
{
"db": "PACKETSTORM",
"id": "133090"
},
{
"db": "PACKETSTORM",
"id": "132770"
},
{
"db": "PACKETSTORM",
"id": "133091"
},
{
"db": "PACKETSTORM",
"id": "132744"
},
{
"db": "PACKETSTORM",
"id": "133232"
},
{
"db": "PACKETSTORM",
"id": "133233"
},
{
"db": "PACKETSTORM",
"id": "139061"
},
{
"db": "PACKETSTORM",
"id": "133276"
}
],
"trust": 2.61
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2015-2620",
"trust": 3.5
},
{
"db": "SECTRACK",
"id": "1032911",
"trust": 1.8
},
{
"db": "JUNIPER",
"id": "JSA10698",
"trust": 1.8
},
{
"db": "BID",
"id": "75837",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003712",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201507-518",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-80581",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-2620",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133092",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133090",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132770",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133091",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132744",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133232",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133233",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "139061",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133276",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-80581"
},
{
"db": "VULMON",
"id": "CVE-2015-2620"
},
{
"db": "PACKETSTORM",
"id": "133092"
},
{
"db": "PACKETSTORM",
"id": "133090"
},
{
"db": "PACKETSTORM",
"id": "132770"
},
{
"db": "PACKETSTORM",
"id": "133091"
},
{
"db": "PACKETSTORM",
"id": "132744"
},
{
"db": "PACKETSTORM",
"id": "133232"
},
{
"db": "PACKETSTORM",
"id": "133233"
},
{
"db": "PACKETSTORM",
"id": "139061"
},
{
"db": "PACKETSTORM",
"id": "133276"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-518"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003712"
},
{
"db": "NVD",
"id": "CVE-2015-2620"
}
]
},
"id": "VAR-201507-0303",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-80581"
}
],
"trust": 0.01
},
"last_update_date": "2026-04-10T22:38:20.631000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Oracle Critical Patch Update Advisory - July 2015",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - July 2015 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015verbose-2367947.html"
},
{
"title": "RHSA-2015:1630",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2015-1630.html"
},
{
"title": "July 2015 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/july_2015_critical_patch_update"
},
{
"title": "JSA10698",
"trust": 0.8,
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698"
},
{
"title": "Oracle MySQL Server Server:Security:Privileges Subcomponent security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=89460"
},
{
"title": "Red Hat: CVE-2015-2620",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2015-2620"
},
{
"title": "Debian CVElist Bug Report Logs: mysql-5.5: Multiple security fixes from the July 2015 CPU",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=80ce8a549a7222b391a7db7e578bd59a"
},
{
"title": "Ubuntu Security Notice: mysql-5.5, mysql-5.6 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2674-1"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=459961024c4bdce7bb3a1a40a65a6f2e"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=976a4da35d55283870dbb31b88a6c655"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Live-Hack-CVE/CVE-2015-2620 "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-2620"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-518"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003712"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-2620"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/201610-06"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1628.html"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1629.html"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1630.html"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1646.html"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1647.html"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1665.html"
},
{
"trust": 1.9,
"url": "http://www.ubuntu.com/usn/usn-2674-1"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/75837"
},
{
"trust": 1.8,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"trust": 1.8,
"url": "http://www.debian.org/security/2015/dsa-3308"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1032911"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html"
},
{
"trust": 1.7,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10698"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4737"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2643"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2620"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4752"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2582"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2648"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4757"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-2620"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-2620"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/cve/cve-2015-2620"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2015-4752"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2015-4757"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2015-2648"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2015-2643"
},
{
"trust": 0.6,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#appendixmsql"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2015-4737"
},
{
"trust": 0.6,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2015-2582"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4772"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4771"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2661"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4769"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2641"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2639"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2611"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4767"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2617"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2571"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2015-2568"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2015-0501"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0441"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2015-2573"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2015-0433"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0501"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0433"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0499"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0505"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2015-0441"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2573"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2568"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2015-0499"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2015-0505"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2015-2571"
},
{
"trust": 0.4,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#appendixmsql"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4761"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4756"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2015-3152"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3152"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-4772"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-2617"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-2641"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-2611"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-2661"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-4769"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-4767"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-4771"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-2639"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-4761"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-4756"
},
{
"trust": 0.2,
"url": "https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-45.html"
},
{
"trust": 0.2,
"url": "http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-44.html"
},
{
"trust": 0.2,
"url": "https://mariadb.com/kb/en/mariadb/mariadb-5544-release-notes/"
},
{
"trust": 0.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026amp;id=jsa10698"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2015-2620"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=39985"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2674-1/"
},
{
"trust": 0.1,
"url": "https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-26.html"
},
{
"trust": 0.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#appendixmsql"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-6568"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-0432"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0411"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-0382"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-0381"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-0391"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0391"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0432"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-0411"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0374"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6568"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-0374"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0382"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0381"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/mysql-5.5/5.5.44-0ubuntu0.14.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/mysql-5.5/5.5.44-0ubuntu0.12.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/mysql-5.5/5.5.44-0ubuntu0.14.10.1"
},
{
"trust": 0.1,
"url": "http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-25.html"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/mysql-5.6/5.6.25-0ubuntu0.15.04.1"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://mariadb.com/kb/en/mariadb/mariadb-10020-release-notes/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4757"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-2611"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-2648"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4767"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-2641"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4769"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4756"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-2617"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-2582"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4772"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-2661"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-2639"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-2620"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4771"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-2643"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4737"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4752"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-80581"
},
{
"db": "VULMON",
"id": "CVE-2015-2620"
},
{
"db": "PACKETSTORM",
"id": "133092"
},
{
"db": "PACKETSTORM",
"id": "133090"
},
{
"db": "PACKETSTORM",
"id": "132770"
},
{
"db": "PACKETSTORM",
"id": "133091"
},
{
"db": "PACKETSTORM",
"id": "132744"
},
{
"db": "PACKETSTORM",
"id": "133232"
},
{
"db": "PACKETSTORM",
"id": "133233"
},
{
"db": "PACKETSTORM",
"id": "139061"
},
{
"db": "PACKETSTORM",
"id": "133276"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-518"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003712"
},
{
"db": "NVD",
"id": "CVE-2015-2620"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULHUB",
"id": "VHN-80581",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2015-2620",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "133092",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "133090",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132770",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "133091",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132744",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "133232",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "133233",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "139061",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "133276",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201507-518",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003712",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2015-2620",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2015-07-16T00:00:00",
"db": "VULHUB",
"id": "VHN-80581",
"ident": null
},
{
"date": "2015-07-16T00:00:00",
"db": "VULMON",
"id": "CVE-2015-2620",
"ident": null
},
{
"date": "2015-08-17T15:38:50",
"db": "PACKETSTORM",
"id": "133092",
"ident": null
},
{
"date": "2015-08-17T15:38:25",
"db": "PACKETSTORM",
"id": "133090",
"ident": null
},
{
"date": "2015-07-21T23:42:40",
"db": "PACKETSTORM",
"id": "132770",
"ident": null
},
{
"date": "2015-08-17T15:38:38",
"db": "PACKETSTORM",
"id": "133091",
"ident": null
},
{
"date": "2015-07-20T15:45:44",
"db": "PACKETSTORM",
"id": "132744",
"ident": null
},
{
"date": "2015-08-21T16:58:17",
"db": "PACKETSTORM",
"id": "133232",
"ident": null
},
{
"date": "2015-08-21T16:58:26",
"db": "PACKETSTORM",
"id": "133233",
"ident": null
},
{
"date": "2016-10-12T04:50:26",
"db": "PACKETSTORM",
"id": "139061",
"ident": null
},
{
"date": "2015-08-24T22:05:44",
"db": "PACKETSTORM",
"id": "133276",
"ident": null
},
{
"date": "2015-07-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201507-518",
"ident": null
},
{
"date": "2015-07-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003712",
"ident": null
},
{
"date": "2015-07-16T10:59:43.653000",
"db": "NVD",
"id": "CVE-2015-2620",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2019-02-05T00:00:00",
"db": "VULHUB",
"id": "VHN-80581",
"ident": null
},
{
"date": "2022-08-29T00:00:00",
"db": "VULMON",
"id": "CVE-2015-2620",
"ident": null
},
{
"date": "2022-08-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201507-518",
"ident": null
},
{
"date": "2015-10-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003712",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-2620",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "139061"
},
{
"db": "CNNVD",
"id": "CNNVD-201507-518"
}
],
"trust": 0.7
},
"title": {
"_id": null,
"data": "Oracle MySQL of MySQL Server In Server : Security : Privileges Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003712"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201507-518"
}
],
"trust": 0.6
}
}
VAR-201501-0434
Vulnerability from variot - Updated: 2026-04-10 22:38The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the square of a BIGNUM value, which might make it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors, related to crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c, and crypto/bn/bn_asm.c. OpenSSL is prone to an unspecified security weakness. Little is known about this issue or its effects at this time. We will update this BID as more information emerges. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library.
Security Fix(es):
-
It was discovered that httpd used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. (CVE-2015-0204)
-
An integer overflow flaw, leading to a buffer overflow, was found in the way the EVP_EncodeUpdate() function of OpenSSL parsed very large amounts of input data. A remote attacker could use this flaw to crash an application using OpenSSL or, possibly, execute arbitrary code with the permissions of the user running that application. (CVE-2016-2105)
-
An integer overflow flaw, leading to a buffer overflow, was found in the way the EVP_EncryptUpdate() function of OpenSSL parsed very large amounts of input data. A remote attacker could use this flaw to crash an application using OpenSSL or, possibly, execute arbitrary code with the permissions of the user running that application. (CVE-2016-2106)
-
It was discovered that it is possible to remotely Segfault Apache http server with a specially crafted string sent to the mod_cluster via service messages (MCMP). (CVE-2014-3570)
Red Hat would like to thank Scott Geary (VendHQ) for reporting CVE-2016-5387; the OpenSSL project for reporting CVE-2016-2105 and CVE-2016-2106; and Michal Karm Babacek for reporting CVE-2016-3110. Upstream acknowledges Guido Vranken as the original reporter of CVE-2016-2105 and CVE-2016-2106. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
============================================================================= FreeBSD-SA-15:01.openssl Security Advisory The FreeBSD Project
Topic: OpenSSL multiple vulnerabilities
Category: contrib Module: openssl Announced: 2015-01-14 Affects: All supported versions of FreeBSD. Corrected: 2015-01-09 00:58:20 UTC (stable/10, 10.1-STABLE) 2015-01-14 21:27:46 UTC (releng/10.1, 10.1-RELEASE-p4) 2015-01-14 21:27:46 UTC (releng/10.0, 10.0-RELEASE-p16) 2015-01-09 01:11:43 UTC (stable/9, 9.3-STABLE) 2015-01-14 21:27:46 UTC (releng/9.3, 9.3-RELEASE-p8) 2015-01-09 01:11:43 UTC (stable/8, 8.4-STABLE) 2015-01-14 21:27:46 UTC (releng/8.4, 8.4-RELEASE-p22) CVE Name: CVE-2014-3571, CVE-2015-0206, CVE-2014-3569, CVE-2014-3572 CVE-2015-0204, CVE-2015-0205, CVE-2014-8275, CVE-2014-3570
For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .
I. Background
FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library.
II. [CVE-2014-3569] This does not affect FreeBSD's default build. [CVE-2014-3570]
III. Impact
An attacker who can send a carefully crafted DTLS message can cause server daemons that uses OpenSSL to crash, resulting a Denial of Service. [CVE-2014-8275]
IV. Workaround
No workaround is available.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:
freebsd-update fetch
freebsd-update install
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
[FreeBSD 8.4 and FreeBSD 9.3]
fetch https://security.FreeBSD.org/patches/SA-15:01/openssl-9.3.patch
fetch https://security.FreeBSD.org/patches/SA-15:01/openssl-9.3.patch.asc
gpg --verify openssl-9.3.patch.asc
[FreeBSD 10.0]
fetch https://security.FreeBSD.org/patches/SA-15:01/openssl-10.0.patch
fetch https://security.FreeBSD.org/patches/SA-15:01/openssl-10.0.patch.asc
gpg --verify openssl-10.0.patch.asc
[FreeBSD 10.1]
fetch https://security.FreeBSD.org/patches/SA-15:01/openssl-10.1.patch
fetch https://security.FreeBSD.org/patches/SA-15:01/openssl-10.1.patch.asc
gpg --verify openssl-10.1.patch.asc
b) Apply the patch. Execute the following commands as root:
cd /usr/src
patch < /path/to/patch
c) Recompile the operating system using buildworld and installworld as described in .
Restart all deamons using the library, or reboot the system.
VI. Correction details
The following list contains the correction revision numbers for each affected branch.
Branch/path Revision
stable/8/ r276865 releng/8.4/ r277195 stable/9/ r276865 releng/9.3/ r277195 stable/10/ r276864 releng/10.0/ r277195 releng/10.1/ r277195
To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:
svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
VII. References
The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.1.1 (FreeBSD)
iQIcBAEBCgAGBQJUtuEaAAoJEO1n7NZdz2rnQCcP/A19v5HUUhjz5nMbUumRwAmB QCxNKEy6SbAuxtIwGNYJyyxKIK3R9vTHwlgyQZVb4q8FgMHcu4yABeRfov10mO5Q U7RkLOJyca6eqEngkrh+AFfbhqfxtccIMUQkDdegsQcqZd2Ya0VeNfjA8H0XIDoL JSEoCifmxjv6v8ZcpugahsUOBmEWx+vyHJUSPVSv/AsLubzV3hqi4iLpzLky3/dR 4LHGzPny07NkGPVqOBU7mjTs76SzCTS2c4NIVfvbphx8UojMvREbZ8ogCMEVGBXY fIWesi7Y6lhqbSgWj1EXyZF9NTo/Z4nr7Oh1ER5VSAfmhZAdyhEEEGQrg4Jq0VL3 DJ1Y35Up79xXmVjB14COxodI5UO+55wWnXb8r/zy/eh+wv0sHwlTz56wxo7SxAOa xOrQj0VJ7zghLhBO7azacbVYIKpfQkJafb7XRUOqu4wt2y3/jeL+0UkWJnNMROrq aQUB6SdGUVDwQsmodgF0rsGcQYXhaQBPu4KQo8yG8+rpqc2zewi537BJr/PWJvH0 sJ6yYcD7VGyIleVRDpxsg7uBWelnGn+AqHignbyUcic4j/N9lYlF00AVgka2TdOp i5eZtp7m95v53S4fEX2HGwWpOv+AfCrSKQZGpvdNx+9JyD3LyOvFBxs4k0oZWa6J 6FLFZ38YkLcUIzW6I6Kc =ztFk -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: Red Hat JBoss Enterprise Application Platform 6.4.0 update Advisory ID: RHSA-2015:0849-01 Product: Red Hat JBoss Enterprise Application Platform Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0849.html Issue date: 2015-04-16 CVE Names: CVE-2014-3570 CVE-2014-3586 CVE-2014-8111 CVE-2015-0204 CVE-2015-0226 CVE-2015-0227 CVE-2015-0277 =====================================================================
- Summary:
Updated packages that provide Red Hat JBoss Enterprise Application Platform 6.4.0, and fix multiple security issues, several bugs, and add various enhancements, are now available from the Red Hat Customer Portal.
Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Description:
Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7.
It was found that a prior countermeasure in Apache WSS4J for Bleichenbacher's attack on XML Encryption (CVE-2011-2487) threw an exception that permitted an attacker to determine the failure of the attempted attack, thereby leaving WSS4J vulnerable to the attack. The original flaw allowed a remote attacker to recover the entire plain text form of a symmetric key. (CVE-2015-0226)
A flaw was found in the way PicketLink's Service Provider and Identity Provider handled certain requests. A remote attacker could use this flaw to log to a victim's account via PicketLink. (CVE-2015-0277)
It was discovered that a JkUnmount rule for a subtree of a previous JkMount rule could be ignored. This could allow a remote attacker to potentially access a private artifact in a tree that would otherwise not be accessible to them. (CVE-2015-0204)
It was found that Apache WSS4J permitted bypass of the requireSignedEncryptedDataElements configuration property via XML Signature wrapping attacks. A remote attacker could use this flaw to modify the contents of a signed request. This flaw could possibly affect certain OpenSSL library functionality, such as RSA blinding. (CVE-2014-3570)
It was found that the Command Line Interface, as provided by Red Hat Enterprise Application Platform, created a history file named .jboss-cli-history in the user's home directory with insecure default file permissions. This could allow a malicious local user to gain information otherwise not accessible to them. (CVE-2014-3586)
The CVE-2015-0277 issue was discovered by Ondrej Kotek of Red Hat.
This release of JBoss Enterprise Application Platform also includes bug fixes and enhancements. Documentation for these changes will be available shortly from the JBoss Enterprise Application Platform 6.4.0 Release Notes, linked to in the References.
All users of Red Hat JBoss Enterprise Application Platform 6.3 as provided from the Red Hat Customer Portal are advised to apply this update. The JBoss server process must be restarted for the update to take effect. Solution:
The References section of this erratum contains a download link (you must log in to download the update). Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications. Bugs fixed (https://bugzilla.redhat.com/):
1126687 - CVE-2014-3586 JBoss AS CLI: Insecure default permissions on history file 1180184 - CVE-2015-0204 openssl: only allow ephemeral RSA keys in export ciphersuites (FREAK) 1180240 - CVE-2014-3570 openssl: Bignum squaring may produce incorrect results 1182591 - CVE-2014-8111 Tomcat mod_jk: information leak due to incorrect JkMount/JkUnmount directives processing 1191446 - CVE-2015-0226 wss4j: Apache WSS4J is vulnerable to Bleichenbacher's attack (incomplete fix for CVE-2011-2487) 1191451 - CVE-2015-0227 wss4j: Apache WSS4J doesn't correctly enforce the requireSignedEncryptedDataElements property 1194832 - CVE-2015-0277 PicketLink: SP does not take Audience condition of a SAML assertion into account
- References:
https://access.redhat.com/security/cve/CVE-2014-3570 https://access.redhat.com/security/cve/CVE-2014-3586 https://access.redhat.com/security/cve/CVE-2014-8111 https://access.redhat.com/security/cve/CVE-2015-0204 https://access.redhat.com/security/cve/CVE-2015-0226 https://access.redhat.com/security/cve/CVE-2015-0227 https://access.redhat.com/security/cve/CVE-2015-0277 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=appplatform&version=6.4 https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc.
The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack (CVE-2014-0076).
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug (CVE-2014-0160).
The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors that trigger an alert condition (CVE-2014-0198).
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the CCS Injection vulnerability (CVE-2014-0224).
The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certificate value (CVE-2014-3470).
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the POODLE issue (CVE-2014-3566).
The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unexpected handshake, as demonstrated by an SSLv3 handshake to a no-ssl3 application with certain error handling. NOTE: this issue became relevant after the CVE-2014-3568 fix (CVE-2014-3569).
The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message (CVE-2014-3572).
The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role, related to the FREAK issue. NOTE: the scope of this CVE is only client code based on OpenSSL, not EXPORT_RSA issues associated with servers or other TLS implementations (CVE-2015-0204).
Use-after-free vulnerability in the d2i_ECPrivateKey function in crypto/ec/ec_asn1.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a malformed Elliptic Curve (EC) private-key file that is improperly handled during import (CVE-2015-0209).
The ASN1_item_ex_d2i function in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not reinitialize CHOICE and ADB data structures, which might allow attackers to cause a denial of service (invalid write operation and memory corruption) by leveraging an application that relies on ASN.1 structure reuse (CVE-2015-0287).
The PKCS#7 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly handle a lack of outer ContentInfo, which allows attackers to cause a denial of service (NULL pointer dereference and application crash) by leveraging an application that processes arbitrary PKCS#7 data and providing malformed data with ASN.1 encoding, related to crypto/pkcs7/pk7_doit.c and crypto/pkcs7/pk7_lib.c (CVE-2015-0289).
The updated packages have been upgraded to the 1.0.1m version where these security flaws has been fixed.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0286 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0287 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0289 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0293 http://openssl.org/news/secadv_20150108.txt http://openssl.org/news/secadv_20150319.txt
Updated Packages:
Mandriva Business Server 2/X86_64: 324a85f7e1165ab02881e44dbddaf599 mbs2/x86_64/lib64openssl1.0.0-1.0.1m-1.mbs2.x86_64.rpm 9c0bfb6ebd43cb6d81872abf71b4f85f mbs2/x86_64/lib64openssl-devel-1.0.1m-1.mbs2.x86_64.rpm 58df54e72ca7270210c7d8dd23df402b mbs2/x86_64/lib64openssl-engines1.0.0-1.0.1m-1.mbs2.x86_64.rpm b5313ffb5baaa65aea05eb05486d309a mbs2/x86_64/lib64openssl-static-devel-1.0.1m-1.mbs2.x86_64.rpm a9890ce4c33630cb9e00f3b2910dd784 mbs2/x86_64/openssl-1.0.1m-1.mbs2.x86_64.rpm 521297a5fe26e2de0c1222d8d03382d1 mbs2/SRPMS/openssl-1.0.1m-1.mbs2.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/en/support/security/advisories/
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux)
iD8DBQFVFTm1mqjQ0CJFipgRAoYFAKCaubn00colzVNnUBFjSElyDptGMQCfaGoS kz0ex6eI6hA6qSwklA2NoXY= =GYjX -----END PGP SIGNATURE----- .
Release Date: 2015-08-24 Last Updated: 2015-08-24
Potential Security Impact: Remote unauthorized modification, unauthorized access, or unauthorized disclosure of information.
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP Matrix Operating Environment. The vulnerabilities could be exploited remotely resulting in unauthorized modification, unauthorized access, or unauthorized disclosure of information.
References:
CVE-2010-5107 CVE-2013-0248 CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 CVE-2014-1692 CVE-2014-3523 CVE-2014-3569 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-8142 CVE-2014-8275 CVE-2014-9427 CVE-2014-9652 CVE-2014-9653 CVE-2014-9705 CVE-2015-0204 CVE-2015-0205 CVE-2015-0206 CVE-2015-0207 CVE-2015-0208 CVE-2015-0209 CVE-2015-0231 CVE-2015-0232 CVE-2015-0273 CVE-2015-0285 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0290 CVE-2015-0291 CVE-2015-0292 CVE-2015-0293 CVE-2015-1787 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-2134 CVE-2015-2139 CVE-2015-2140 CVE-2015-2301 CVE-2015-2331 CVE-2015-2348 CVE-2015-2787 CVE-2015-3113 CVE-2015-5122 CVE-2015-5123 CVE-2015-5402 CVE-2015-5403 CVE-2015-5404 CVE-2015-5405 CVE-2015-5427 CVE-2015-5428 CVE-2015-5429 CVE-2015-5430 CVE-2015-5431 CVE-2015-5432 CVE-2015-5433
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP Matrix Operating Environment impacted software components and versions:
HP Systems Insight Manager (SIM) prior to version 7.5.0 HP System Management Homepage (SMH) prior to version 7.5.0 HP Version Control Agent (VCA) prior to version 7.5.0 HP Version Control Repository Manager (VCRM) prior to version 7.5.0 HP Insight Orchestration prior to version 7.5.0 HP Virtual Connect Enterprise Manager (VCEM) prior to version 7.5.0
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2010-5107 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2013-0248 (AV:L/AC:M/Au:N/C:N/I:P/A:P) 3.3 CVE-2014-0118 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2014-0226 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2014-0231 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2014-1692 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2014-3523 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2014-3569 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2014-3570 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2014-3571 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2014-3572 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2014-8142 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2014-8275 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2014-9427 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2014-9652 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2014-9653 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2014-9705 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2015-0204 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2015-0205 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2015-0206 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0207 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0208 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2015-0209 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2015-0231 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2015-0232 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2015-0273 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2015-0285 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2015-0286 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0287 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0288 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0289 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0290 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0291 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2015-0293 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-1787 (AV:N/AC:H/Au:N/C:N/I:N/A:P) 2.6 CVE-2015-1788 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2015-1789 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2015-1790 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-1791 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2015-1792 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-2134 (AV:N/AC:M/Au:S/C:P/I:P/A:P) 6.0 CVE-2015-2139 (AV:N/AC:M/Au:S/C:P/I:N/A:N) 3.5 CVE-2015-2140 (AV:N/AC:M/Au:S/C:P/I:P/A:N) 4.9 CVE-2015-2301 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2015-2331 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2015-2348 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2015-2787 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2015-3113 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2015-5122 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2015-5123 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2015-5402 (AV:L/AC:M/Au:N/C:C/I:C/A:C) 6.9 CVE-2015-5403 (AV:N/AC:M/Au:S/C:P/I:N/A:N) 3.5 CVE-2015-5404 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2015-5405 (AV:N/AC:M/Au:S/C:P/I:P/A:P) 6.0 CVE-2015-5427 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2015-5428 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2015-5429 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2015-5430 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2015-5431 (AV:N/AC:M/Au:S/C:P/I:P/A:N) 4.9 CVE-2015-5432 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2015-5433 (AV:N/AC:M/Au:S/C:P/I:N/A:N) 3.5 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has made the following software updates available to resolve the vulnerabilities in the impacted versions of HP Matrix Operating Environment
HP Matrix Operating Environment 7.5.0 is only available on DVD. Please order the latest version of the HP Matrix Operating Environment 7.5.0 DVD #2 ISO from the following location:
http://www.hp.com/go/insightupdates
Choose the orange Select button. This presents the HP Insight Management Media order page. Choose Insight Management 7.5 DVD-2-ZIP August 2015 from the Software specification list. Fill out the rest of the form and submit it.
HP has addressed these vulnerabilities for the affected software components bundled with the HP Matrix Operating Environment in the following HP Security Bulletins.
HP Matrix Operating Environment component HP Security Bulletin Number Security Bulletin Location
HP Systems Insight Manager (SIM) HPSBMU03394 HPSBMU03394 https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04762744
HP System Management Homepage (SMH) HPSBMU03380 http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04746490&la ng=en-us&cc=
HP Version Control Agent (VCA) HPSBMU03397 https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04765169
HP Version Control Repository Manager (VCRM) HPSBMU03396 https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr _na-c04765115
HP Virtual Connect Enterprise Manager (VCEM) SDK HPSBMU03413 https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr _na-c04774021
HISTORY Version:1 (rev.1) - 24 August 2015 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. OpenSSL Security Advisory [08 Jan 2015] =======================================
DTLS segmentation fault in dtls1_get_record (CVE-2014-3571)
Severity: Moderate
A carefully crafted DTLS message can cause a segmentation fault in OpenSSL due to a NULL pointer dereference. This could lead to a Denial Of Service attack.
This issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1k. OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0p. OpenSSL 0.9.8 DTLS users should upgrade to 0.9.8zd.
This issue was reported to OpenSSL on 22nd October 2014 by Markus Stenberg of Cisco Systems, Inc. The fix was developed by Stephen Henson of the OpenSSL core team.
DTLS memory leak in dtls1_buffer_record (CVE-2015-0206)
Severity: Moderate
A memory leak can occur in the dtls1_buffer_record function under certain conditions. In particular this could occur if an attacker sent repeated DTLS records with the same sequence number but for the next epoch. The memory leak could be exploited by an attacker in a Denial of Service attack through memory exhaustion.
This issue affects OpenSSL versions: 1.0.1 and 1.0.0.
OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1k. OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0p.
This issue was reported to OpenSSL on 7th January 2015 by Chris Mueller who also provided an initial patch. Further analysis was performed by Matt Caswell of the OpenSSL development team, who also developed the final patch.
no-ssl3 configuration sets method to NULL (CVE-2014-3569)
Severity: Low
When openssl is built with the no-ssl3 option and a SSL v3 ClientHello is received the ssl method would be set to NULL which could later result in a NULL pointer dereference.
This issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 1.0.1 users should upgrade to 1.0.1k. OpenSSL 1.0.0 users should upgrade to 1.0.0p. OpenSSL 0.9.8 users should upgrade to 0.9.8zd.
This issue was reported to OpenSSL on 17th October 2014 by Frank Schmirler. The fix was developed by Kurt Roeckx.
ECDHE silently downgrades to ECDH [Client] (CVE-2014-3572)
Severity: Low
An OpenSSL client will accept a handshake using an ephemeral ECDH ciphersuite using an ECDSA certificate if the server key exchange message is omitted. This effectively removes forward secrecy from the ciphersuite.
This issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 1.0.1 users should upgrade to 1.0.1k. OpenSSL 1.0.0 users should upgrade to 1.0.0p. OpenSSL 0.9.8 users should upgrade to 0.9.8zd.
This issue was reported to OpenSSL on 22nd October 2014 by Karthikeyan Bhargavan of the PROSECCO team at INRIA. The fix was developed by Stephen Henson of the OpenSSL core team.
RSA silently downgrades to EXPORT_RSA [Client] (CVE-2015-0204)
Severity: Low
An OpenSSL client will accept the use of an RSA temporary key in a non-export RSA key exchange ciphersuite. A server could present a weak temporary key and downgrade the security of the session.
This issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 1.0.1 users should upgrade to 1.0.1k. OpenSSL 1.0.0 users should upgrade to 1.0.0p. OpenSSL 0.9.8 users should upgrade to 0.9.8zd.
This issue was reported to OpenSSL on 22nd October 2014 by Karthikeyan Bhargavan of the PROSECCO team at INRIA. The fix was developed by Stephen Henson of the OpenSSL core team.
DH client certificates accepted without verification [Server] (CVE-2015-0205)
Severity: Low
An OpenSSL server will accept a DH certificate for client authentication without the certificate verify message. This effectively allows a client to authenticate without the use of a private key. This only affects servers which trust a client certificate authority which issues certificates containing DH keys: these are extremely rare and hardly ever encountered.
This issue affects OpenSSL versions: 1.0.1 and 1.0.0.
OpenSSL 1.0.1 users should upgrade to 1.0.1k. OpenSSL 1.0.0 users should upgrade to 1.0.0p.
This issue was reported to OpenSSL on 22nd October 2014 by Karthikeyan Bhargavan of the PROSECCO team at INRIA. The fix was developed by Stephen Henson of the OpenSSL core team.
Certificate fingerprints can be modified (CVE-2014-8275)
Severity: Low
OpenSSL accepts several non-DER-variations of certificate signature algorithm and signature encodings. OpenSSL also does not enforce a match between the signature algorithm between the signed and unsigned portions of the certificate. By modifying the contents of the signature algorithm or the encoding of the signature, it is possible to change the certificate's fingerprint.
This does not allow an attacker to forge certificates, and does not affect certificate verification or OpenSSL servers/clients in any other way. It also does not affect common revocation mechanisms. Only custom applications that rely on the uniqueness of the fingerprint (e.g. certificate blacklists) may be affected.
This issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 1.0.1 users should upgrade to 1.0.1k. OpenSSL 1.0.0 users should upgrade to 1.0.0p. OpenSSL 0.9.8 users should upgrade to 0.9.8zd.
One variant of this issue was discovered by Antti Karjalainen and Tuomo Untinen from the Codenomicon CROSS program and reported to OpenSSL on 1st December 2014 by NCSC-FI Vulnerability Co-ordination. Another variant was independently reported to OpenSSL on 12th December 2014 by Konrad Kraszewski from Google. Further analysis was conducted and fixes were developed by Stephen Henson of the OpenSSL core team.
Bignum squaring may produce incorrect results (CVE-2014-3570)
Severity: Low
Bignum squaring (BN_sqr) may produce incorrect results on some platforms, including x86_64. This bug occurs at random with a very low probability, and is not known to be exploitable in any way, though its exact impact is difficult to determine. The following has been determined:
) The probability of BN_sqr producing an incorrect result at random is very low: 1/2^64 on the single affected 32-bit platform (MIPS) and 1/2^128 on affected 64-bit platforms. ) On most platforms, RSA follows a different code path and RSA operations are not affected at all. For the remaining platforms (e.g. OpenSSL built without assembly support), pre-existing countermeasures thwart bug attacks [1]. ) Static ECDH is theoretically affected: it is possible to construct elliptic curve points that would falsely appear to be on the given curve. However, there is no known computationally feasible way to construct such points with low order, and so the security of static ECDH private keys is believed to be unaffected. ) Other routines known to be theoretically affected are modular exponentiation, primality testing, DSA, RSA blinding, JPAKE and SRP. No exploits are known and straightforward bug attacks fail - either the attacker cannot control when the bug triggers, or no private key material is involved.
This issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 1.0.1 users should upgrade to 1.0.1k. OpenSSL 1.0.0 users should upgrade to 1.0.0p. OpenSSL 0.9.8 users should upgrade to 0.9.8zd.
This issue was reported to OpenSSL on 2nd November 2014 by Pieter Wuille (Blockstream) who also suggested an initial fix. Further analysis was conducted by the OpenSSL development team and Adam Langley of Google. The final fix was developed by Andy Polyakov of the OpenSSL core team.
[1] http://css.csail.mit.edu/6.858/2013/readings/rsa-bug-attacks.pdf
Note
As per our previous announcements and our Release Strategy (https://www.openssl.org/about/releasestrat.html), support for OpenSSL versions 1.0.0 and 0.9.8 will cease on 31st December 2015. No security updates for these releases will be provided after that date. Users of these releases are advised to upgrade.
References
URL for this Security Advisory: https://www.openssl.org/news/secadv_20150108.txt
Note: the online version of the advisory may be updated with additional details over time.
For details of OpenSSL severity classifications please see: https://www.openssl.org/about/secpolicy.html
. These vulnerabilities could be exploited remotely to create a remote Denial of Service (DoS) and other vulnerabilites.
References:
CVE-2014-8275 Cryptographic Issues (CWE-310) CVE-2014-3569 Remote Denial of Service (DoS) CVE-2014-3570 Cryptographic Issues (CWE-310) CVE-2014-3571 Remote Denial of Service (DoS) CVE-2014-3572 Cryptographic Issues (CWE-310) CVE-2015-0204 Cryptographic Issues (CWE-310) SSRT101885
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. The updates are available from either of the following sites:
ftp://sl098ze:Secure12@h2.usa.hp.com
https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber =OPENSSL11I
HP-UX Release HP-UX OpenSSL depot name
B.11.11 (11i v1) OpenSSL_A.00.09.08ze.001_HP-UX_B.11.11_32_64.depot
B.11.23 (11i v2) OpenSSL_A.00.09.08ze.002_HP-UX_B.11.23_IA-PA.depot
B.11.31 (11i v3) OpenSSL_A.00.09.08ze.003_HP-UX_B.11.31_IA-PA.depot
MANUAL ACTIONS: Yes - Update
Install OpenSSL A.00.09.08ze or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1f"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1i"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1a"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1h"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1d"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1j"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1b"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1g"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1c"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1e"
},
{
"_id": null,
"model": "powerlinux 7r2",
"scope": "eq",
"trust": 1.2,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0e"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0d"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0a"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0k"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0j"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0l"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0m"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0g"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0c"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0o"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0b"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0f"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0n"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0i"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0h"
},
{
"_id": null,
"model": "openssl",
"scope": "lte",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8zc"
},
{
"_id": null,
"model": "power",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "7200"
},
{
"_id": null,
"model": "power",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "7700"
},
{
"_id": null,
"model": "power",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "7800"
},
{
"_id": null,
"model": "power",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "7100"
},
{
"_id": null,
"model": "power",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7400"
},
{
"_id": null,
"model": "power express",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "5200"
},
{
"_id": null,
"model": "paging server",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "power",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "5700"
},
{
"_id": null,
"model": "power",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7300"
},
{
"_id": null,
"model": "powerlinux 7r1",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.1"
},
{
"_id": null,
"model": "cognos controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.2.0.5"
},
{
"_id": null,
"model": "mate collector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "ata series analog terminal adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1900"
},
{
"_id": null,
"model": "power",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7600"
},
{
"_id": null,
"model": "flex system en2092 1gb ethernet scalable switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.60"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.1"
},
{
"_id": null,
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.0"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"_id": null,
"model": "power system s822",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "bladecenter advanced management module 25r5778",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.10.186"
},
{
"_id": null,
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.2"
},
{
"_id": null,
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "bladecenter -s",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1948"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "783.00"
},
{
"_id": null,
"model": "power express f/c",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5205635"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.6"
},
{
"_id": null,
"model": "upward integration modules scvmm add-in",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.2"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "740.80"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "flex system p270 compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7954-24x)0"
},
{
"_id": null,
"model": "project openssl 0.9.8f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "as infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "6"
},
{
"_id": null,
"model": "sparc enterprise m5000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1118"
},
{
"_id": null,
"model": "sbr carrier",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "power systems e870",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "flex system compute node type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x22025850"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.4"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "350.50"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.1.3"
},
{
"_id": null,
"model": "malware analysis appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.1"
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6"
},
{
"_id": null,
"model": "project openssl 1.0.0d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x355042540"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"_id": null,
"model": "project openssl 1.0.1e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "idataplex dx360 m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79120"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "insight orchestration",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"_id": null,
"model": "netezza platform software 7.0.4.7-p1",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8.780"
},
{
"_id": null,
"model": "project openssl 0.9.8u",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0"
},
{
"_id": null,
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32400"
},
{
"_id": null,
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.2.2"
},
{
"_id": null,
"model": "norman shark industrial control system protection",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.1"
},
{
"_id": null,
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "85100"
},
{
"_id": null,
"model": "malware analysis appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.2.2"
},
{
"_id": null,
"model": "packetshaper s-series",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "11.0"
},
{
"_id": null,
"model": "cms",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "17.0"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "(x86)4.2"
},
{
"_id": null,
"model": "x-series xos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "9.7"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"_id": null,
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.3"
},
{
"_id": null,
"model": "ip interoperability and collaboration system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "project openssl 1.0.0p",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3400"
},
{
"_id": null,
"model": "systems insight manager 7.3.0a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "flex system p260 compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7895-23x)0"
},
{
"_id": null,
"model": "netezza platform software 7.2.0.4-p3",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.0"
},
{
"_id": null,
"model": "project openssl 1.0.0g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "hunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.1"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"_id": null,
"model": "junos os 13.3r6",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "tivoli netcool/reporter",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.4.19"
},
{
"_id": null,
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70104.1"
},
{
"_id": null,
"model": "proxyav",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.5"
},
{
"_id": null,
"model": "prime security manager 04.8 qa08",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "740.70"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "810.21"
},
{
"_id": null,
"model": "ns oncommand core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "norman shark scada protection",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.0"
},
{
"_id": null,
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"_id": null,
"model": "netezza platform software 7.0.2.16-p3",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "cognos planning interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1.4"
},
{
"_id": null,
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.2"
},
{
"_id": null,
"model": "sametime",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"_id": null,
"model": "project openssl 0.9.8zb",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "netscaler t1",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.0-68"
},
{
"_id": null,
"model": "prime license manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "system m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x355041980"
},
{
"_id": null,
"model": "power systems 350.c0",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1.0.842"
},
{
"_id": null,
"model": "workflow for bluemix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "norman shark industrial control system protection",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.2"
},
{
"_id": null,
"model": "power",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5750"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "app for netapp data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "0"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"_id": null,
"model": "flex system manager node types",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79550"
},
{
"_id": null,
"model": "filenet system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.0.870"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.2-77"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "telepresence te software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"_id": null,
"model": "linux enterprise software development kit sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.9.1.11"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x350073830"
},
{
"_id": null,
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.3"
},
{
"_id": null,
"model": "as infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "7"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1"
},
{
"_id": null,
"model": "prime network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.2.2.2"
},
{
"_id": null,
"model": "network configuration and change management service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "systems insight manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"_id": null,
"model": "prime collaboration assurance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0.840"
},
{
"_id": null,
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "systems insight manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"_id": null,
"model": "telepresence content server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37001.1"
},
{
"_id": null,
"model": "tandberg codian mse model",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83200"
},
{
"_id": null,
"model": "local collector appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.8"
},
{
"_id": null,
"model": "power system s814",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "sterling connect:direct for hp nonstop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.1"
},
{
"_id": null,
"model": "project openssl 0.9.8w",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.2.77"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x310025820"
},
{
"_id": null,
"model": "cacheflow",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.2"
},
{
"_id": null,
"model": "as infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "1"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "780.21"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.4"
},
{
"_id": null,
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1"
},
{
"_id": null,
"model": "flex system fabric cn4093 10gb converged scalable switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.60"
},
{
"_id": null,
"model": "tivoli workload scheduler for applications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.0"
},
{
"_id": null,
"model": "data ontap operating in 7-mode",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.3"
},
{
"_id": null,
"model": "flex system fabric en4093r 10gb scalable switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.6.0"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.1.0"
},
{
"_id": null,
"model": "x-series xos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "10.0"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "740.40"
},
{
"_id": null,
"model": "project openssl 1.0.0m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "power systems 350.b1",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.1.8"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2.27"
},
{
"_id": null,
"model": "norman shark network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.0"
},
{
"_id": null,
"model": "cognos planning interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.12"
},
{
"_id": null,
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1"
},
{
"_id": null,
"model": "flex system compute node type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x24087380"
},
{
"_id": null,
"model": "norman shark industrial control system protection",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.3"
},
{
"_id": null,
"model": "project openssl 1.0.1g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "power systems 350.e0",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "sparc enterprise m5000",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "project openssl 0.9.8m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "prime lan management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "flex system fabric en4093r 10gb scalable switch",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.10.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.2"
},
{
"_id": null,
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "770.21"
},
{
"_id": null,
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "alienvault",
"scope": "ne",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.15.1"
},
{
"_id": null,
"model": "command center appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.96"
},
{
"_id": null,
"model": "flashsystem 9848-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"_id": null,
"model": "project openssl 1.0.1k",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.4"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50001.1"
},
{
"_id": null,
"model": "bladecenter -t",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8720"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1.2"
},
{
"_id": null,
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"_id": null,
"model": "power systems 350.e1",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "media services interface",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "ctpview",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "netezza platform software 7.0.2.15-p1",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6.156"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "810.00"
},
{
"_id": null,
"model": "netscaler gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "project openssl 1.0.1i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.12"
},
{
"_id": null,
"model": "unified attendant console advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.13"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.2.0.8"
},
{
"_id": null,
"model": "proactive network operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "(x86)4.3"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.10"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"_id": null,
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6"
},
{
"_id": null,
"model": "ns oncommand core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.10"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.12"
},
{
"_id": null,
"model": "system management homepage c",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.10.186"
},
{
"_id": null,
"model": "jabber for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4.1"
},
{
"_id": null,
"model": "system m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x365079450"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.5"
},
{
"_id": null,
"model": "enterprise content delivery service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.4(7.26)"
},
{
"_id": null,
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.8.0.10"
},
{
"_id": null,
"model": "bladecenter -s",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8886"
},
{
"_id": null,
"model": "unified sip proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.4.19"
},
{
"_id": null,
"model": "telepresence advanced media gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "data ontap operating in 7-mode",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.4"
},
{
"_id": null,
"model": "unified attendant console premium edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32100"
},
{
"_id": null,
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.4"
},
{
"_id": null,
"model": "project openssl 0.9.8r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.4"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.3"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "app for stream",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "0"
},
{
"_id": null,
"model": "firesight system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4.1.2"
},
{
"_id": null,
"model": "initiate master data service provider hub",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "power systems 350.a0",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "project openssl 0.9.8n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.14"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2"
},
{
"_id": null,
"model": "virtual connect enterprise manager sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "malware analyzer g2",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.5"
},
{
"_id": null,
"model": "systems insight manager sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.2.0.3"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.3"
},
{
"_id": null,
"model": "proxyav",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.4"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.0.820"
},
{
"_id": null,
"model": "sametime",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2.1"
},
{
"_id": null,
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1(5.106)"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.2.0.3"
},
{
"_id": null,
"model": "project openssl 0.9.8y",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "bcaaa",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.1"
},
{
"_id": null,
"model": "sparc enterprise m4000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1118"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.3"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.4.1.8"
},
{
"_id": null,
"model": "systems insight manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.4.1.8"
},
{
"_id": null,
"model": "jboss enterprise application platform",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6.3"
},
{
"_id": null,
"model": "flex system compute node type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x22079060"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.1"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.11"
},
{
"_id": null,
"model": "upward integration modules hardware management pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.2"
},
{
"_id": null,
"model": "as infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "5"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50006.4"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"_id": null,
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3850x638370"
},
{
"_id": null,
"model": "flex system compute node type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x88042590"
},
{
"_id": null,
"model": "project openssl 1.0.0l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"_id": null,
"model": "netscaler application delivery controller",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "upward integration modules integrated installer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.1"
},
{
"_id": null,
"model": "bladecenter -e",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7967"
},
{
"_id": null,
"model": "dx360 m4 water cooled type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79180"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.1"
},
{
"_id": null,
"model": "norman shark scada protection",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.2"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3"
},
{
"_id": null,
"model": "initiate master data service patient hub",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.3"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "13.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.68"
},
{
"_id": null,
"model": "content analysis system",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.2"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "350.00"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "810.02"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1.0.102"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.4"
},
{
"_id": null,
"model": "anyres live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.4"
},
{
"_id": null,
"model": "project openssl 0.9.8p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "770.22"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "application policy infrastructure controller 1.0",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "norman shark scada protection",
"scope": "ne",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.3.2"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.1.830"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "820.03"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"_id": null,
"model": "bladecenter -h",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8852"
},
{
"_id": null,
"model": "unified attendant console business edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "nextscale nx360 m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "54550"
},
{
"_id": null,
"model": "bladecenter -ht",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8750"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.1"
},
{
"_id": null,
"model": "power express f/c",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5205577"
},
{
"_id": null,
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.15-210"
},
{
"_id": null,
"model": "10g vfsm for bladecenter",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.6.0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.13"
},
{
"_id": null,
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3950x571451.43"
},
{
"_id": null,
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32200"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2"
},
{
"_id": null,
"model": "system m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x365042550"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.2"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.7"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.9.1"
},
{
"_id": null,
"model": "norman shark scada protection",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.3"
},
{
"_id": null,
"model": "jabber video for telepresence",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "communications core session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7.3.5"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.1"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.2"
},
{
"_id": null,
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3690x571910"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1.0-103"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.12.201"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "740.16"
},
{
"_id": null,
"model": "proventia network enterprise scanner",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0.95"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.4"
},
{
"_id": null,
"model": "norman shark network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.2"
},
{
"_id": null,
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.11"
},
{
"_id": null,
"model": "prime network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.3.3"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7.770"
},
{
"_id": null,
"model": "prime collaboration deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "740.81"
},
{
"_id": null,
"model": "dx series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0-95"
},
{
"_id": null,
"model": "virtualization experience media engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0"
},
{
"_id": null,
"model": "malware analysis appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.2"
},
{
"_id": null,
"model": "project openssl 0.9.8za",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.2.0.8"
},
{
"_id": null,
"model": "security analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "7.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.4"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "780.00"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "ace30 application control engine module 3.0 a5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "junos os 12.3r10",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.45"
},
{
"_id": null,
"model": "unified computing system b-series servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project openssl 0.9.8q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.11"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0.96"
},
{
"_id": null,
"model": "cacheflow",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.3"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x365079150"
},
{
"_id": null,
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3690x571480"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.1.0.6"
},
{
"_id": null,
"model": "data ontap operating in 7-mode",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.7"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "(x86)4.1"
},
{
"_id": null,
"model": "norman shark network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.3"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2.127"
},
{
"_id": null,
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "jabber software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "740.50"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.10.800"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.8"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.2"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.3"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"_id": null,
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"_id": null,
"model": "firesight system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4.0.2"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "cms r17 r4",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.21"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x375087220"
},
{
"_id": null,
"model": "sparc enterprise m9000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1117"
},
{
"_id": null,
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "proxysg sgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.5"
},
{
"_id": null,
"model": "system m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x350073800"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "740.60"
},
{
"_id": null,
"model": "bladecenter -e",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1881"
},
{
"_id": null,
"model": "netezza platform software 7.1.0.4-p1",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "powerlinux 7r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"_id": null,
"model": "norman shark network protection",
"scope": "ne",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.3.2"
},
{
"_id": null,
"model": "proxysg sgos",
"scope": "ne",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.5.6.2"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8v"
},
{
"_id": null,
"model": "flex system fabric si4093 system interconnect module",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.4.0"
},
{
"_id": null,
"model": "project openssl 1.0.1f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.1-73"
},
{
"_id": null,
"model": "infosphere balanced warehouse c4000",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "infosphere master data management patient hub",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.4.1"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8.780"
},
{
"_id": null,
"model": "power systems 350.b0",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "system idataplex dx360 m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x63910"
},
{
"_id": null,
"model": "tivoli provisioning manager for images",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.0"
},
{
"_id": null,
"model": "sparc enterprise m4000",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"_id": null,
"model": "upward integration modules scvmm add-in",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2"
},
{
"_id": null,
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.4"
},
{
"_id": null,
"model": "management center",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.2"
},
{
"_id": null,
"model": "sametime",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.0"
},
{
"_id": null,
"model": "identity service engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project openssl 0.9.8g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "bcaaa",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.5"
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.15"
},
{
"_id": null,
"model": "cms r17",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "virtual connect enterprise manager sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.1"
},
{
"_id": null,
"model": "integration bus",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.0"
},
{
"_id": null,
"model": "wag310g residential gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"_id": null,
"model": "power ese",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.1"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.0-14"
},
{
"_id": null,
"model": "hunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.0"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "infosphere master data management",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "11.4"
},
{
"_id": null,
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3690x571460"
},
{
"_id": null,
"model": "sametime community server hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9"
},
{
"_id": null,
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3950x571431.43"
},
{
"_id": null,
"model": "as infinity",
"scope": "ne",
"trust": 0.3,
"vendor": "pexip",
"version": "8.1"
},
{
"_id": null,
"model": "cognos controller if1",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1.3"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.2"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "820.02"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.15"
},
{
"_id": null,
"model": "data ontap operating in 7-mode",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.2"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "740.00"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.5"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "810.11"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1.7"
},
{
"_id": null,
"model": "project openssl 1.0.0o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.1.7"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "tivoli workload scheduler for applications fp02",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2.0.860"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.2"
},
{
"_id": null,
"model": "linux enterprise server for vmware sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "linux enterprise server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "system management homepage b",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5.146"
},
{
"_id": null,
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6"
},
{
"_id": null,
"model": "application policy infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1(0.625)"
},
{
"_id": null,
"model": "bladecenter -s",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7779"
},
{
"_id": null,
"model": "agent desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0(2)"
},
{
"_id": null,
"model": "flex system compute node type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x88079030"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.3"
},
{
"_id": null,
"model": "sametime community server limited use",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9"
},
{
"_id": null,
"model": "flex system en2092 1gb ethernet scalable switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.4.0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.0.870"
},
{
"_id": null,
"model": "flex system p260 compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7895-22x)0"
},
{
"_id": null,
"model": "flex system compute node type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x24087370"
},
{
"_id": null,
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3690x571470"
},
{
"_id": null,
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.2"
},
{
"_id": null,
"model": "system management homepage b",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.2.77"
},
{
"_id": null,
"model": "onepk all-in-one vm",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "jabber voice for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "netezza platform software 7.0.4.8-p3",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.3"
},
{
"_id": null,
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.12.1"
},
{
"_id": null,
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "power express f/c",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "52056340"
},
{
"_id": null,
"model": "ctpos 7.0r4",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "aura conferencing",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"_id": null,
"model": "unified attendant console department edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0.840"
},
{
"_id": null,
"model": "system management homepage a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.11.197"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.1"
},
{
"_id": null,
"model": "prime data center network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.14"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.3"
},
{
"_id": null,
"model": "power system s824l",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.15210"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "network performance analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.64"
},
{
"_id": null,
"model": "system m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x365041990"
},
{
"_id": null,
"model": "system m4 hd type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x365054600"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.0"
},
{
"_id": null,
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "flex system interconnect fabric",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "350.80"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "350.30"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "(x86)5.0"
},
{
"_id": null,
"model": "infosphere master data management provider hub",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.8"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.0"
},
{
"_id": null,
"model": "hunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.2"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.116"
},
{
"_id": null,
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "power express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "560"
},
{
"_id": null,
"model": "project openssl 0.9.8l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "10g vfsm for bladecenter",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.1"
},
{
"_id": null,
"model": "norman shark industrial control system protection",
"scope": "ne",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.3.2"
},
{
"_id": null,
"model": "version control repository manager 7.4.0a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "power 795",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.740"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.20"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1"
},
{
"_id": null,
"model": "flex system fabric si4093 system interconnect module",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.10.0"
},
{
"_id": null,
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"_id": null,
"model": "virtual connect enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"_id": null,
"model": "management center",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.3"
},
{
"_id": null,
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "systems insight manager update",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.31"
},
{
"_id": null,
"model": "ddos secure",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "system management homepage 7.4.0a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.6"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "770.51"
},
{
"_id": null,
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3204.1"
},
{
"_id": null,
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"_id": null,
"model": "flashsystem 9846-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"_id": null,
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3950x571430"
},
{
"_id": null,
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "system idataplex dx360 m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x73210"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "740.21"
},
{
"_id": null,
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "cms r17 r3",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "flex system compute node type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x22279160"
},
{
"_id": null,
"model": "1:10g switch for bladecenter",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4.10.0"
},
{
"_id": null,
"model": "project openssl 1.0.0i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "power system s822l",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3690x571450"
},
{
"_id": null,
"model": "power express f/c",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5504667"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.1"
},
{
"_id": null,
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "770.10"
},
{
"_id": null,
"model": "power express f/c",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5205587"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "malware analysis appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.1.1"
},
{
"_id": null,
"model": "project openssl 0.9.8zd",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system idataplex dx360 m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x63800"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"_id": null,
"model": "ringmaster appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "350.60"
},
{
"_id": null,
"model": "director",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"_id": null,
"model": "cognos planning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"_id": null,
"model": "systems insight manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.2"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.19"
},
{
"_id": null,
"model": "tivoli workload scheduler for applications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.2.0.5"
},
{
"_id": null,
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.7"
},
{
"_id": null,
"model": "ctpview 7.1r1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.1"
},
{
"_id": null,
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"_id": null,
"model": "cognos controller interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.0.1"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.13"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "770.41"
},
{
"_id": null,
"model": "flex system fabric cn4093 10gb converged scalable switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.4.0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"_id": null,
"model": "flex system en2092 1gb ethernet scalable switch",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.10.0"
},
{
"_id": null,
"model": "unified ip conference phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"_id": null,
"model": "project openssl 1.0.0e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "bladecenter js22",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7998-61x)0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "clustered data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.1"
},
{
"_id": null,
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "5.0"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "vgw",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.3.0.5"
},
{
"_id": null,
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1x8664"
},
{
"_id": null,
"model": "virtual connect enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"_id": null,
"model": "business process manager advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.6"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "780.20"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"_id": null,
"model": "infosphere balanced warehouse c3000",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"_id": null,
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.10"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "770.32"
},
{
"_id": null,
"model": "1:10g switch for bladecenter",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.2.835"
},
{
"_id": null,
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "system m4 bd type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x365054660"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8x"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.4.19"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "740.15"
},
{
"_id": null,
"model": "upward integration modules hardware management pack",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.3"
},
{
"_id": null,
"model": "openssh for gpfs",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"_id": null,
"model": "src series",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "telepresence supervisor mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "80500"
},
{
"_id": null,
"model": "system m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x355079460"
},
{
"_id": null,
"model": "iptv",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "packetshaper s-series",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "11.2"
},
{
"_id": null,
"model": "upward integration modules integrated installer",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.3"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.12"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1.8"
},
{
"_id": null,
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.11"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x325025830"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.3"
},
{
"_id": null,
"model": "ns oncommand core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.2"
},
{
"_id": null,
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.213"
},
{
"_id": null,
"model": "project openssl 0.9.8t",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2.106"
},
{
"_id": null,
"model": "web security appliance 9.0.0 -fcs",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "initiate master data service",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"_id": null,
"model": "systems insight manager sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"_id": null,
"model": "system m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x355079440"
},
{
"_id": null,
"model": "bladecenter js23",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7778-23x)0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.1.830"
},
{
"_id": null,
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.2"
},
{
"_id": null,
"model": "enterprise content management system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"_id": null,
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "42000"
},
{
"_id": null,
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "mint",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "0"
},
{
"_id": null,
"model": "application networking manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "system management homepage 7.3.2.1",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "socialminer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "as infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "3"
},
{
"_id": null,
"model": "sparc enterprise m8000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1117"
},
{
"_id": null,
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3690x571920"
},
{
"_id": null,
"model": "project openssl 1.0.0c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.14.20"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5.760"
},
{
"_id": null,
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"_id": null,
"model": "video surveillance media server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.7"
},
{
"_id": null,
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.2"
},
{
"_id": null,
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "84200"
},
{
"_id": null,
"model": "physical access gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "20500"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.5"
},
{
"_id": null,
"model": "system m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x365079470"
},
{
"_id": null,
"model": "insight orchestration",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"_id": null,
"model": "power express f/c",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "52056330"
},
{
"_id": null,
"model": "x-series xos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "9.5"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.4"
},
{
"_id": null,
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3690x571490"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.3"
},
{
"_id": null,
"model": "1:10g switch for bladecenter",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4.80"
},
{
"_id": null,
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "prime network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.3"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"_id": null,
"model": "bladecenter js43 with feature code",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7778-23x8446)0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.1"
},
{
"_id": null,
"model": "telepresence sx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "security analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.6"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "740.51"
},
{
"_id": null,
"model": "enterprise content management system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.4"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "system management homepage b",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.10.186"
},
{
"_id": null,
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x330073820"
},
{
"_id": null,
"model": "cognos planning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"_id": null,
"model": "project openssl 1.0.0f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "meetingplace",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "as infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "2"
},
{
"_id": null,
"model": "power system s824",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "ctp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "websphere message broker",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "sparc enterprise m3000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1117"
},
{
"_id": null,
"model": "flex system fabric cn4093 10gb converged scalable switch",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.10.0"
},
{
"_id": null,
"model": "power",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7500"
},
{
"_id": null,
"model": "packetshaper s-series",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "11.1"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9.790"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.0.2"
},
{
"_id": null,
"model": "sparc enterprise m3000",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1.730"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.12"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x363071580"
},
{
"_id": null,
"model": "power systems e880",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "management center",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.0"
},
{
"_id": null,
"model": "proxysg sgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.5"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.2.0.5"
},
{
"_id": null,
"model": "ctpos 7.1r1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.0j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "35000"
},
{
"_id": null,
"model": "project openssl 1.0.0b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.1"
},
{
"_id": null,
"model": "flex system p460 compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7895-42x)0"
},
{
"_id": null,
"model": "content analysis system",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.1"
},
{
"_id": null,
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.1"
},
{
"_id": null,
"model": "initiate master data service patient hub",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1.0.5"
},
{
"_id": null,
"model": "expressway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.5"
},
{
"_id": null,
"model": "bladecenter t advanced management module 32r0835",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "57100"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.10.801"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.2"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "740.10"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"_id": null,
"model": "flex system manager node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8734-"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.3.0.5"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "740.20"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.11"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.2"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.0.820"
},
{
"_id": null,
"model": "systems insight manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.12"
},
{
"_id": null,
"model": "sparc enterprise m9000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1118"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.3"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.2.0.3"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.3"
},
{
"_id": null,
"model": "mobile wireless transport manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp07",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.2"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.6"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.1"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "mate design",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "infosphere master data management",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0"
},
{
"_id": null,
"model": "flex system compute node type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x24078630"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "740.61"
},
{
"_id": null,
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.5"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4.143"
},
{
"_id": null,
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"_id": null,
"model": "business process manager advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x375087330"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "810.20"
},
{
"_id": null,
"model": "flex system compute node type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x24089560"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "350.90"
},
{
"_id": null,
"model": "powervu d9190 conditional access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "780.02"
},
{
"_id": null,
"model": "bladecenter js12 express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7998-60x)0"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.1"
},
{
"_id": null,
"model": "project openssl 1.0.1j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "jboss enterprise application platform",
"scope": "ne",
"trust": 0.3,
"vendor": "redhat",
"version": "6.4"
},
{
"_id": null,
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "bladecenter -t",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8730"
},
{
"_id": null,
"model": "cloudbridge",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.4"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.4.1.8"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.2.0.3"
},
{
"_id": null,
"model": "data ontap operating in 7-mode",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.1"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"_id": null,
"model": "tivoli workload scheduler for applications fp01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.1.0.7"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x353071600"
},
{
"_id": null,
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0(4.29)"
},
{
"_id": null,
"model": "flashsystem 9840-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.0"
},
{
"_id": null,
"model": "mate live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.12"
},
{
"_id": null,
"model": "telepresence integrator c series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.3.0.5"
},
{
"_id": null,
"model": "project openssl 1.0.1d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2.0-12"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "770.50"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.9"
},
{
"_id": null,
"model": "bladecenter -h",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7989"
},
{
"_id": null,
"model": "mobile security suite mss",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1.104"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1.0.6"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.1.0.7"
},
{
"_id": null,
"model": "nsm",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "350.20"
},
{
"_id": null,
"model": "cognos controller if3",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "350.10"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "780.11"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.1.0.6"
},
{
"_id": null,
"model": "flex system p24l compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.1.0"
},
{
"_id": null,
"model": "bladecenter -ht",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8740"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2.0.860"
},
{
"_id": null,
"model": "power system s812l",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "780.10"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.2"
},
{
"_id": null,
"model": "flex system fabric en4093r 10gb scalable switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.4.0"
},
{
"_id": null,
"model": "cognos controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "cognos controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50006.1"
},
{
"_id": null,
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "pulse secure",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "5"
},
{
"_id": null,
"model": "initiate master data service provider hub",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x375087180"
},
{
"_id": null,
"model": "flex system manager node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8731-"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.11"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.8"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5.146"
},
{
"_id": null,
"model": "idataplex dx360 m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79130"
},
{
"_id": null,
"model": "systems insight manager sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.1.73"
},
{
"_id": null,
"model": "as infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "4"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "45000"
},
{
"_id": null,
"model": "telepresence isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32410"
},
{
"_id": null,
"model": "project openssl 0.9.8zc",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.0n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system m5 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x310054570"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"_id": null,
"model": "infosphere master data management",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "11.3"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "783.01"
},
{
"_id": null,
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.3"
},
{
"_id": null,
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3104.1"
},
{
"_id": null,
"model": "telepresence ex series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.1"
},
{
"_id": null,
"model": "system idataplex dx360 m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x73230"
},
{
"_id": null,
"model": "management center",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.1"
},
{
"_id": null,
"model": "webex meetings for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2.0"
},
{
"_id": null,
"model": "norman shark scada protection",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3.1"
},
{
"_id": null,
"model": "system m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x363073770"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "810.10"
},
{
"_id": null,
"model": "flex system interconnect fabric",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.10.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.4"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1841"
},
{
"_id": null,
"model": "sterling connect:direct for hp nonstop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"_id": null,
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.3"
},
{
"_id": null,
"model": "cognos controller fp1",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"_id": null,
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4"
},
{
"_id": null,
"model": "tivoli workload scheduler for applications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "virtual connect enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"_id": null,
"model": "project openssl 1.0.0h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50006.3"
},
{
"_id": null,
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.2(3.1)"
},
{
"_id": null,
"model": "netezza platform software 7.1.0.5-p3",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "(x86)4.4"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.5"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.3"
},
{
"_id": null,
"model": "cognos controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"_id": null,
"model": "systems insight manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8.179"
},
{
"_id": null,
"model": "as infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "8"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "cms r16",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "junos os",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x355079140"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "770.20"
},
{
"_id": null,
"model": "project openssl 0.9.8o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.16"
},
{
"_id": null,
"model": "x-series xos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "9.6"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.15"
},
{
"_id": null,
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "project openssl 1.0.1b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.0k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "810.01"
},
{
"_id": null,
"model": "power systems 350.d0",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "bladecenter -h",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1886"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x375087520"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "770.40"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.2"
},
{
"_id": null,
"model": "vds service broker",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "telepresence conductor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "74.90"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3"
},
{
"_id": null,
"model": "norman shark network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.2"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "d9036 modular encoding platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"_id": null,
"model": "video surveillance 4300e/4500e high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.2.0.5"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"_id": null,
"model": "director",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.1"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "350.40"
},
{
"_id": null,
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3950x638370"
},
{
"_id": null,
"model": "flex system p260 compute node /fc efd9",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "sametime",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2.0"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50006.2"
},
{
"_id": null,
"model": "app for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "0"
},
{
"_id": null,
"model": "sparc enterprise m4000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1117"
},
{
"_id": null,
"model": "power",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5950"
},
{
"_id": null,
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"_id": null,
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0"
},
{
"_id": null,
"model": "cognos controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"_id": null,
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"_id": null,
"model": "junos os 12.3x48-d10",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "bladecenter -e",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8677"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.2"
},
{
"_id": null,
"model": "cognos controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"_id": null,
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10500"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.5"
},
{
"_id": null,
"model": "one-x client enablement services sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "malware analyzer g2",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.1"
},
{
"_id": null,
"model": "system m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x365054540"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "video surveillance ptz ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "anyconnect secure mobility client for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "004.000(1233)"
},
{
"_id": null,
"model": "project openssl 0.9.8s",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.2.835"
},
{
"_id": null,
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.2.10"
},
{
"_id": null,
"model": "telepresence serial gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1.0.841"
},
{
"_id": null,
"model": "sparc enterprise m8000",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.1.0.7"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.3"
},
{
"_id": null,
"model": "sterling connect:direct for hp nonstop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.6"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"_id": null,
"model": "ctpos 6.6r5",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "proxysg sgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.2"
},
{
"_id": null,
"model": "cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "0"
},
{
"_id": null,
"model": "webex meetings server 2.5mr2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "junos os 13.2r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.5"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.3"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1.0.103"
},
{
"_id": null,
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.3"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "780.01"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"_id": null,
"model": "norman shark industrial control system protection",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.0"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "740.52"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1"
},
{
"_id": null,
"model": "unified attendant console enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "power express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "550"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "netscaler service delivery appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "system m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x350078390"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"_id": null,
"model": "management center",
"scope": "ne",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.3.2.1"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.22"
},
{
"_id": null,
"model": "power express f/c",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5504965"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.2.7"
},
{
"_id": null,
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "87104.1"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"_id": null,
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "53000"
},
{
"_id": null,
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.3.0"
},
{
"_id": null,
"model": "sparc enterprise m8000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1118"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "communications core session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7.2.5"
},
{
"_id": null,
"model": "flex system fabric si4093 system interconnect module",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.60"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.0.121"
},
{
"_id": null,
"model": "ios 15.5 s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"_id": null,
"model": "prime performance manager for sps ppm sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.6"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1.0.7"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "telepresence mx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "session border controller for enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.0"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp04",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7.770"
},
{
"_id": null,
"model": "insight orchestration",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "350.70"
},
{
"_id": null,
"model": "content analysis system",
"scope": "ne",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.2.3.1"
},
{
"_id": null,
"model": "telepresence isdn gw mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83210"
},
{
"_id": null,
"model": "ucs central",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "telepresence profile series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.1.0.6"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.1"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "770.31"
},
{
"_id": null,
"model": "flex system compute node type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x44079170"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"_id": null,
"model": "unified communications domain manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.1.2"
},
{
"_id": null,
"model": "flex system p460 compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7895-43x)0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.3"
},
{
"_id": null,
"model": "systems insight manager 7.4.0a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"_id": null,
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.2.0.8"
},
{
"_id": null,
"model": "sparc enterprise m9000",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"_id": null,
"model": "dx360 m4 water cooled type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79190"
},
{
"_id": null,
"model": "im and presence service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4.750"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.3.0.5"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.1"
},
{
"_id": null,
"model": "nac guest server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "system m5 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x325054580"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.2.0.8"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "770.00"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.4"
},
{
"_id": null,
"model": "tivoli provisioning manager for images system edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x7.1.1.0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.10.800"
},
{
"_id": null,
"model": "sparc enterprise m3000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1118"
},
{
"_id": null,
"model": "security analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "7.1"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "(x86)5.1"
},
{
"_id": null,
"model": "cloud object store",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project openssl 1.0.1h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "sparc enterprise m5000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1117"
},
{
"_id": null,
"model": "project openssl 1.0.0a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9.790"
}
],
"sources": [
{
"db": "BID",
"id": "71939"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-160"
},
{
"db": "NVD",
"id": "CVE-2014-3570"
}
]
},
"credits": {
"_id": null,
"data": "Pieter Wuille",
"sources": [
{
"db": "BID",
"id": "71939"
}
],
"trust": 0.3
},
"cve": "CVE-2014-3570",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2014-3570",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-3570",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201501-160",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2014-3570",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-3570"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-160"
},
{
"db": "NVD",
"id": "CVE-2014-3570"
}
]
},
"description": {
"_id": null,
"data": "The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the square of a BIGNUM value, which might make it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors, related to crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c, and crypto/bn/bn_asm.c. OpenSSL is prone to an unspecified security weakness. \nLittle is known about this issue or its effects at this time. We will update this BID as more information emerges. It is comprised of the Apache\nHTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector\n(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat\nNative library. \n\nSecurity Fix(es):\n\n* It was discovered that httpd used the value of the Proxy header from HTTP\nrequests to initialize the HTTP_PROXY environment variable for CGI scripts,\nwhich in turn was incorrectly used by certain HTTP client implementations\nto configure the proxy for outgoing HTTP requests. (CVE-2015-0204)\n\n* An integer overflow flaw, leading to a buffer overflow, was found in the\nway the EVP_EncodeUpdate() function of OpenSSL parsed very large amounts of\ninput data. A remote attacker could use this flaw to crash an application\nusing OpenSSL or, possibly, execute arbitrary code with the permissions of\nthe user running that application. (CVE-2016-2105)\n\n* An integer overflow flaw, leading to a buffer overflow, was found in the\nway the EVP_EncryptUpdate() function of OpenSSL parsed very large amounts\nof input data. A remote attacker could use this flaw to crash an\napplication using OpenSSL or, possibly, execute arbitrary code with the\npermissions of the user running that application. (CVE-2016-2106)\n\n* It was discovered that it is possible to remotely Segfault Apache http\nserver with a specially crafted string sent to the mod_cluster via service\nmessages (MCMP). (CVE-2014-3570)\n\nRed Hat would like to thank Scott Geary (VendHQ) for reporting\nCVE-2016-5387; the OpenSSL project for reporting CVE-2016-2105 and\nCVE-2016-2106; and Michal Karm Babacek for reporting CVE-2016-3110. \nUpstream acknowledges Guido Vranken as the original reporter of\nCVE-2016-2105 and CVE-2016-2106. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n=============================================================================\nFreeBSD-SA-15:01.openssl Security Advisory\n The FreeBSD Project\n\nTopic: OpenSSL multiple vulnerabilities\n\nCategory: contrib\nModule: openssl\nAnnounced: 2015-01-14\nAffects: All supported versions of FreeBSD. \nCorrected: 2015-01-09 00:58:20 UTC (stable/10, 10.1-STABLE)\n 2015-01-14 21:27:46 UTC (releng/10.1, 10.1-RELEASE-p4)\n 2015-01-14 21:27:46 UTC (releng/10.0, 10.0-RELEASE-p16)\n 2015-01-09 01:11:43 UTC (stable/9, 9.3-STABLE)\n 2015-01-14 21:27:46 UTC (releng/9.3, 9.3-RELEASE-p8)\n 2015-01-09 01:11:43 UTC (stable/8, 8.4-STABLE)\n 2015-01-14 21:27:46 UTC (releng/8.4, 8.4-RELEASE-p22)\nCVE Name: CVE-2014-3571, CVE-2015-0206, CVE-2014-3569, CVE-2014-3572\n CVE-2015-0204, CVE-2015-0205, CVE-2014-8275, CVE-2014-3570\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:https://security.FreeBSD.org/\u003e. \n\nI. Background\n\nFreeBSD includes software from the OpenSSL Project. The OpenSSL Project is\na collaborative effort to develop a robust, commercial-grade, full-featured\nOpen Source toolkit implementing the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols as well as a full-strength\ngeneral purpose cryptography library. \n\nII. [CVE-2014-3569] This does not affect\nFreeBSD\u0027s default build. [CVE-2014-3570]\n\nIII. Impact\n\nAn attacker who can send a carefully crafted DTLS message can cause server\ndaemons that uses OpenSSL to crash, resulting a Denial of Service. [CVE-2014-8275]\n\nIV. Workaround\n\nNo workaround is available. \n\nV. Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\n2) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\n3) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 8.4 and FreeBSD 9.3]\n# fetch https://security.FreeBSD.org/patches/SA-15:01/openssl-9.3.patch\n# fetch https://security.FreeBSD.org/patches/SA-15:01/openssl-9.3.patch.asc\n# gpg --verify openssl-9.3.patch.asc\n\n[FreeBSD 10.0]\n# fetch https://security.FreeBSD.org/patches/SA-15:01/openssl-10.0.patch\n# fetch https://security.FreeBSD.org/patches/SA-15:01/openssl-10.0.patch.asc\n# gpg --verify openssl-10.0.patch.asc\n\n[FreeBSD 10.1]\n# fetch https://security.FreeBSD.org/patches/SA-15:01/openssl-10.1.patch\n# fetch https://security.FreeBSD.org/patches/SA-15:01/openssl-10.1.patch.asc\n# gpg --verify openssl-10.1.patch.asc\n\nb) Apply the patch. Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:https://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart all deamons using the library, or reboot the system. \n\nVI. Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path Revision\n- -------------------------------------------------------------------------\nstable/8/ r276865\nreleng/8.4/ r277195\nstable/9/ r276865\nreleng/9.3/ r277195\nstable/10/ r276864\nreleng/10.0/ r277195\nreleng/10.1/ r277195\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:https://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. References\n\n\u003cURL:https://www.openssl.org/news/secadv_20150108.txt\u003e\n\n\u003cURL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569\u003e\n\n\u003cURL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570\u003e\n\n\u003cURL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571\u003e\n\n\u003cURL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572\u003e\n\n\u003cURL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275\u003e\n\n\u003cURL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204\u003e\n\n\u003cURL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205\u003e\n\n\u003cURL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206\u003e\n\nThe latest revision of this advisory is available at\n\u003cURL:https://security.FreeBSD.org/advisories/FreeBSD-SA-15:01.openssl.asc\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v2.1.1 (FreeBSD)\n\niQIcBAEBCgAGBQJUtuEaAAoJEO1n7NZdz2rnQCcP/A19v5HUUhjz5nMbUumRwAmB\nQCxNKEy6SbAuxtIwGNYJyyxKIK3R9vTHwlgyQZVb4q8FgMHcu4yABeRfov10mO5Q\nU7RkLOJyca6eqEngkrh+AFfbhqfxtccIMUQkDdegsQcqZd2Ya0VeNfjA8H0XIDoL\nJSEoCifmxjv6v8ZcpugahsUOBmEWx+vyHJUSPVSv/AsLubzV3hqi4iLpzLky3/dR\n4LHGzPny07NkGPVqOBU7mjTs76SzCTS2c4NIVfvbphx8UojMvREbZ8ogCMEVGBXY\nfIWesi7Y6lhqbSgWj1EXyZF9NTo/Z4nr7Oh1ER5VSAfmhZAdyhEEEGQrg4Jq0VL3\nDJ1Y35Up79xXmVjB14COxodI5UO+55wWnXb8r/zy/eh+wv0sHwlTz56wxo7SxAOa\nxOrQj0VJ7zghLhBO7azacbVYIKpfQkJafb7XRUOqu4wt2y3/jeL+0UkWJnNMROrq\naQUB6SdGUVDwQsmodgF0rsGcQYXhaQBPu4KQo8yG8+rpqc2zewi537BJr/PWJvH0\nsJ6yYcD7VGyIleVRDpxsg7uBWelnGn+AqHignbyUcic4j/N9lYlF00AVgka2TdOp\ni5eZtp7m95v53S4fEX2HGwWpOv+AfCrSKQZGpvdNx+9JyD3LyOvFBxs4k0oZWa6J\n6FLFZ38YkLcUIzW6I6Kc\n=ztFk\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: Red Hat JBoss Enterprise Application Platform 6.4.0 update\nAdvisory ID: RHSA-2015:0849-01\nProduct: Red Hat JBoss Enterprise Application Platform\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2015-0849.html\nIssue date: 2015-04-16\nCVE Names: CVE-2014-3570 CVE-2014-3586 CVE-2014-8111 \n CVE-2015-0204 CVE-2015-0226 CVE-2015-0227 \n CVE-2015-0277 \n=====================================================================\n\n1. Summary:\n\nUpdated packages that provide Red Hat JBoss Enterprise Application Platform\n6.4.0, and fix multiple security issues, several bugs, and add various\nenhancements, are now available from the Red Hat Customer Portal. \n\nRed Hat Product Security has rated this update as having Important security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. Description:\n\nRed Hat JBoss Enterprise Application Platform 6 is a platform for Java\napplications based on JBoss Application Server 7. \n\nIt was found that a prior countermeasure in Apache WSS4J for\nBleichenbacher\u0027s attack on XML Encryption (CVE-2011-2487) threw an\nexception that permitted an attacker to determine the failure of the\nattempted attack, thereby leaving WSS4J vulnerable to the attack. \nThe original flaw allowed a remote attacker to recover the entire plain\ntext form of a symmetric key. (CVE-2015-0226)\n\nA flaw was found in the way PicketLink\u0027s Service Provider and Identity\nProvider handled certain requests. A remote attacker could use this flaw to\nlog to a victim\u0027s account via PicketLink. (CVE-2015-0277)\n\nIt was discovered that a JkUnmount rule for a subtree of a previous JkMount\nrule could be ignored. This could allow a remote attacker to potentially\naccess a private artifact in a tree that would otherwise not be accessible\nto them. (CVE-2015-0204)\n\nIt was found that Apache WSS4J permitted bypass of the\nrequireSignedEncryptedDataElements configuration property via XML Signature\nwrapping attacks. A remote attacker could use this flaw to modify the\ncontents of a signed request. This flaw could\npossibly affect certain OpenSSL library functionality, such as RSA\nblinding. (CVE-2014-3570)\n\nIt was found that the Command Line Interface, as provided by Red Hat\nEnterprise Application Platform, created a history file named\n.jboss-cli-history in the user\u0027s home directory with insecure default file\npermissions. This could allow a malicious local user to gain information\notherwise not accessible to them. (CVE-2014-3586)\n\nThe CVE-2015-0277 issue was discovered by Ondrej Kotek of Red Hat. \n\nThis release of JBoss Enterprise Application Platform also includes bug\nfixes and enhancements. Documentation for these changes will be available\nshortly from the JBoss Enterprise Application Platform 6.4.0 Release Notes,\nlinked to in the References. \n\nAll users of Red Hat JBoss Enterprise Application Platform 6.3 as provided\nfrom the Red Hat Customer Portal are advised to apply this update. \nThe JBoss server process must be restarted for the update to take effect. Solution:\n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). Before applying this update, back up your\nexisting Red Hat JBoss Enterprise Application Platform installation and\ndeployed applications. Bugs fixed (https://bugzilla.redhat.com/):\n\n1126687 - CVE-2014-3586 JBoss AS CLI: Insecure default permissions on history file\n1180184 - CVE-2015-0204 openssl: only allow ephemeral RSA keys in export ciphersuites (FREAK)\n1180240 - CVE-2014-3570 openssl: Bignum squaring may produce incorrect results\n1182591 - CVE-2014-8111 Tomcat mod_jk: information leak due to incorrect JkMount/JkUnmount directives processing\n1191446 - CVE-2015-0226 wss4j: Apache WSS4J is vulnerable to Bleichenbacher\u0027s attack (incomplete fix for CVE-2011-2487)\n1191451 - CVE-2015-0227 wss4j: Apache WSS4J doesn\u0027t correctly enforce the requireSignedEncryptedDataElements property\n1194832 - CVE-2015-0277 PicketLink: SP does not take Audience condition of a SAML assertion into account\n\n5. References:\n\nhttps://access.redhat.com/security/cve/CVE-2014-3570\nhttps://access.redhat.com/security/cve/CVE-2014-3586\nhttps://access.redhat.com/security/cve/CVE-2014-8111\nhttps://access.redhat.com/security/cve/CVE-2015-0204\nhttps://access.redhat.com/security/cve/CVE-2015-0226\nhttps://access.redhat.com/security/cve/CVE-2015-0227\nhttps://access.redhat.com/security/cve/CVE-2015-0277\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=appplatform\u0026version=6.4\nhttps://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/\n\n6. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2015 Red Hat, Inc. \n \n The Montgomery ladder implementation in OpenSSL through 1.0.0l does\n not ensure that certain swap operations have a constant-time behavior,\n which makes it easier for local users to obtain ECDSA nonces via a\n FLUSH+RELOAD cache side-channel attack (CVE-2014-0076). \n \n The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before\n 1.0.1g do not properly handle Heartbeat Extension packets, which allows\n remote attackers to obtain sensitive information from process memory\n via crafted packets that trigger a buffer over-read, as demonstrated\n by reading private keys, related to d1_both.c and t1_lib.c, aka the\n Heartbleed bug (CVE-2014-0160). \n \n The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g,\n when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a\n buffer pointer during certain recursive calls, which allows remote\n attackers to cause a denial of service (NULL pointer dereference\n and application crash) via vectors that trigger an alert condition\n (CVE-2014-0198). \n \n OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before\n 1.0.1h does not properly restrict processing of ChangeCipherSpec\n messages, which allows man-in-the-middle attackers to trigger use of a\n zero-length master key in certain OpenSSL-to-OpenSSL communications,\n and consequently hijack sessions or obtain sensitive information,\n via a crafted TLS handshake, aka the CCS Injection vulnerability\n (CVE-2014-0224). \n \n The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL\n before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when\n an anonymous ECDH cipher suite is used, allows remote attackers to\n cause a denial of service (NULL pointer dereference and client crash)\n by triggering a NULL certificate value (CVE-2014-3470). \n \n The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other\n products, uses nondeterministic CBC padding, which makes it easier\n for man-in-the-middle attackers to obtain cleartext data via a\n padding-oracle attack, aka the POODLE issue (CVE-2014-3566). \n \n The ssl23_get_client_hello function in s23_srvr.c in OpenSSL\n 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to\n use unsupported protocols, which allows remote attackers to cause a\n denial of service (NULL pointer dereference and daemon crash) via\n an unexpected handshake, as demonstrated by an SSLv3 handshake to\n a no-ssl3 application with certain error handling. NOTE: this issue\n became relevant after the CVE-2014-3568 fix (CVE-2014-3569). \n \n The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before\n 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote\n SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger\n a loss of forward secrecy by omitting the ServerKeyExchange message\n (CVE-2014-3572). \n \n The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before\n 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL\n servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate\n brute-force decryption by offering a weak ephemeral RSA key in a\n noncompliant role, related to the FREAK issue. NOTE: the scope of\n this CVE is only client code based on OpenSSL, not EXPORT_RSA issues\n associated with servers or other TLS implementations (CVE-2015-0204). \n \n Use-after-free vulnerability in the d2i_ECPrivateKey function in\n crypto/ec/ec_asn1.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r,\n 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow remote\n attackers to cause a denial of service (memory corruption and\n application crash) or possibly have unspecified other impact via a\n malformed Elliptic Curve (EC) private-key file that is improperly\n handled during import (CVE-2015-0209). \n \n The ASN1_item_ex_d2i function in crypto/asn1/tasn_dec.c in OpenSSL\n before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2\n before 1.0.2a does not reinitialize CHOICE and ADB data structures,\n which might allow attackers to cause a denial of service (invalid\n write operation and memory corruption) by leveraging an application\n that relies on ASN.1 structure reuse (CVE-2015-0287). \n \n The PKCS#7 implementation in OpenSSL before 0.9.8zf, 1.0.0 before\n 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not\n properly handle a lack of outer ContentInfo, which allows attackers to\n cause a denial of service (NULL pointer dereference and application\n crash) by leveraging an application that processes arbitrary PKCS#7\n data and providing malformed data with ASN.1 encoding, related to\n crypto/pkcs7/pk7_doit.c and crypto/pkcs7/pk7_lib.c (CVE-2015-0289). \n \n The updated packages have been upgraded to the 1.0.1m version where\n these security flaws has been fixed. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0286\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0287\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0289\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0293\n http://openssl.org/news/secadv_20150108.txt\n http://openssl.org/news/secadv_20150319.txt\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Business Server 2/X86_64:\n 324a85f7e1165ab02881e44dbddaf599 mbs2/x86_64/lib64openssl1.0.0-1.0.1m-1.mbs2.x86_64.rpm\n 9c0bfb6ebd43cb6d81872abf71b4f85f mbs2/x86_64/lib64openssl-devel-1.0.1m-1.mbs2.x86_64.rpm\n 58df54e72ca7270210c7d8dd23df402b mbs2/x86_64/lib64openssl-engines1.0.0-1.0.1m-1.mbs2.x86_64.rpm\n b5313ffb5baaa65aea05eb05486d309a mbs2/x86_64/lib64openssl-static-devel-1.0.1m-1.mbs2.x86_64.rpm\n a9890ce4c33630cb9e00f3b2910dd784 mbs2/x86_64/openssl-1.0.1m-1.mbs2.x86_64.rpm \n 521297a5fe26e2de0c1222d8d03382d1 mbs2/SRPMS/openssl-1.0.1m-1.mbs2.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/en/support/security/advisories/\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.12 (GNU/Linux)\n\niD8DBQFVFTm1mqjQ0CJFipgRAoYFAKCaubn00colzVNnUBFjSElyDptGMQCfaGoS\nkz0ex6eI6hA6qSwklA2NoXY=\n=GYjX\n-----END PGP SIGNATURE-----\n. \n\nRelease Date: 2015-08-24\nLast Updated: 2015-08-24\n\nPotential Security Impact: Remote unauthorized modification, unauthorized\naccess, or unauthorized disclosure of information. \n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP Matrix\nOperating Environment. The vulnerabilities could be exploited remotely\nresulting in unauthorized modification, unauthorized access, or unauthorized\ndisclosure of information. \n\nReferences:\n\nCVE-2010-5107\nCVE-2013-0248\nCVE-2014-0118\nCVE-2014-0226\nCVE-2014-0231\nCVE-2014-1692\nCVE-2014-3523\nCVE-2014-3569\nCVE-2014-3570\nCVE-2014-3571\nCVE-2014-3572\nCVE-2014-8142\nCVE-2014-8275\nCVE-2014-9427\nCVE-2014-9652\nCVE-2014-9653\nCVE-2014-9705\nCVE-2015-0204\nCVE-2015-0205\nCVE-2015-0206\nCVE-2015-0207\nCVE-2015-0208\nCVE-2015-0209\nCVE-2015-0231\nCVE-2015-0232\nCVE-2015-0273\nCVE-2015-0285\nCVE-2015-0286\nCVE-2015-0287\nCVE-2015-0288\nCVE-2015-0289\nCVE-2015-0290\nCVE-2015-0291\nCVE-2015-0292\nCVE-2015-0293\nCVE-2015-1787\nCVE-2015-1788\nCVE-2015-1789\nCVE-2015-1790\nCVE-2015-1791\nCVE-2015-1792\nCVE-2015-2134\nCVE-2015-2139\nCVE-2015-2140\nCVE-2015-2301\nCVE-2015-2331\nCVE-2015-2348\nCVE-2015-2787\nCVE-2015-3113\nCVE-2015-5122\nCVE-2015-5123\nCVE-2015-5402\nCVE-2015-5403\nCVE-2015-5404\nCVE-2015-5405\nCVE-2015-5427\nCVE-2015-5428\nCVE-2015-5429\nCVE-2015-5430\nCVE-2015-5431\nCVE-2015-5432\nCVE-2015-5433\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP Matrix Operating Environment impacted software components and versions:\n\nHP Systems Insight Manager (SIM) prior to version 7.5.0\nHP System Management Homepage (SMH) prior to version 7.5.0\nHP Version Control Agent (VCA) prior to version 7.5.0\nHP Version Control Repository Manager (VCRM) prior to version 7.5.0\nHP Insight Orchestration prior to version 7.5.0\nHP Virtual Connect Enterprise Manager (VCEM) prior to version 7.5.0\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2010-5107 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2013-0248 (AV:L/AC:M/Au:N/C:N/I:P/A:P) 3.3\nCVE-2014-0118 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2014-0226 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2014-0231 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2014-1692 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2014-3523 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2014-3569 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2014-3570 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2014-3571 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2014-3572 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2014-8142 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2014-8275 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2014-9427 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2014-9652 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2014-9653 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2014-9705 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2015-0204 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2015-0205 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2015-0206 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-0207 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-0208 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2015-0209 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2015-0231 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2015-0232 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2015-0273 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2015-0285 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2015-0286 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-0287 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-0288 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-0289 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-0290 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-0291 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-0292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2015-0293 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-1787 (AV:N/AC:H/Au:N/C:N/I:N/A:P) 2.6\nCVE-2015-1788 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2015-1789 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2015-1790 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-1791 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2015-1792 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-2134 (AV:N/AC:M/Au:S/C:P/I:P/A:P) 6.0\nCVE-2015-2139 (AV:N/AC:M/Au:S/C:P/I:N/A:N) 3.5\nCVE-2015-2140 (AV:N/AC:M/Au:S/C:P/I:P/A:N) 4.9\nCVE-2015-2301 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2015-2331 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2015-2348 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2015-2787 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2015-3113 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2015-5122 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2015-5123 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2015-5402 (AV:L/AC:M/Au:N/C:C/I:C/A:C) 6.9\nCVE-2015-5403 (AV:N/AC:M/Au:S/C:P/I:N/A:N) 3.5\nCVE-2015-5404 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4\nCVE-2015-5405 (AV:N/AC:M/Au:S/C:P/I:P/A:P) 6.0\nCVE-2015-5427 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4\nCVE-2015-5428 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4\nCVE-2015-5429 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4\nCVE-2015-5430 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2015-5431 (AV:N/AC:M/Au:S/C:P/I:P/A:N) 4.9\nCVE-2015-5432 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4\nCVE-2015-5433 (AV:N/AC:M/Au:S/C:P/I:N/A:N) 3.5\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has made the following software updates available to resolve the\nvulnerabilities in the impacted versions of HP Matrix Operating Environment\n\nHP Matrix Operating Environment 7.5.0 is only available on DVD. Please order\nthe latest version of the HP Matrix Operating Environment 7.5.0 DVD #2 ISO\nfrom the following location:\n\nhttp://www.hp.com/go/insightupdates\n\nChoose the orange Select button. This presents the HP Insight Management\nMedia order page. Choose Insight Management 7.5 DVD-2-ZIP August 2015 from\nthe Software specification list. Fill out the rest of the form and submit it. \n\nHP has addressed these vulnerabilities for the affected software components\nbundled with the HP Matrix Operating Environment in the following HP Security\nBulletins. \n\nHP Matrix Operating Environment component\n HP Security Bulletin Number\n Security Bulletin Location\n\nHP Systems Insight Manager (SIM)\n HPSBMU03394\n HPSBMU03394\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04762744\n\nHP System Management Homepage (SMH)\n HPSBMU03380\n http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04746490\u0026la\nng=en-us\u0026cc=\n\nHP Version Control Agent (VCA)\n HPSBMU03397\n https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04765169\n\nHP Version Control Repository Manager (VCRM)\n HPSBMU03396\n https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr\n_na-c04765115\n\nHP Virtual Connect Enterprise Manager (VCEM) SDK\n HPSBMU03413\n https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr\n_na-c04774021\n\nHISTORY\nVersion:1 (rev.1) - 24 August 2015 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2015 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. OpenSSL Security Advisory [08 Jan 2015]\n=======================================\n\nDTLS segmentation fault in dtls1_get_record (CVE-2014-3571)\n===========================================================\n\nSeverity: Moderate\n\nA carefully crafted DTLS message can cause a segmentation fault in OpenSSL due\nto a NULL pointer dereference. This could lead to a Denial Of Service attack. \n\nThis issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1k. \nOpenSSL 1.0.0 DTLS users should upgrade to 1.0.0p. \nOpenSSL 0.9.8 DTLS users should upgrade to 0.9.8zd. \n\nThis issue was reported to OpenSSL on 22nd October 2014 by Markus Stenberg of\nCisco Systems, Inc. The fix was developed by Stephen Henson of the OpenSSL\ncore team. \n\nDTLS memory leak in dtls1_buffer_record (CVE-2015-0206)\n=======================================================\n\nSeverity: Moderate\n\nA memory leak can occur in the dtls1_buffer_record function under certain\nconditions. In particular this could occur if an attacker sent repeated DTLS\nrecords with the same sequence number but for the next epoch. The memory leak\ncould be exploited by an attacker in a Denial of Service attack through memory\nexhaustion. \n\nThis issue affects OpenSSL versions: 1.0.1 and 1.0.0. \n\nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1k. \nOpenSSL 1.0.0 DTLS users should upgrade to 1.0.0p. \n\nThis issue was reported to OpenSSL on 7th January 2015 by Chris Mueller who also\nprovided an initial patch. Further analysis was performed by Matt Caswell of the\nOpenSSL development team, who also developed the final patch. \n\nno-ssl3 configuration sets method to NULL (CVE-2014-3569)\n=========================================================\n\nSeverity: Low\n\nWhen openssl is built with the no-ssl3 option and a SSL v3 ClientHello is\nreceived the ssl method would be set to NULL which could later result in\na NULL pointer dereference. \n\nThis issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 1.0.1 users should upgrade to 1.0.1k. \nOpenSSL 1.0.0 users should upgrade to 1.0.0p. \nOpenSSL 0.9.8 users should upgrade to 0.9.8zd. \n\nThis issue was reported to OpenSSL on 17th October 2014 by Frank Schmirler. The\nfix was developed by Kurt Roeckx. \n\n\nECDHE silently downgrades to ECDH [Client] (CVE-2014-3572)\n==========================================================\n\nSeverity: Low\n\nAn OpenSSL client will accept a handshake using an ephemeral ECDH ciphersuite\nusing an ECDSA certificate if the server key exchange message is omitted. This\neffectively removes forward secrecy from the ciphersuite. \n\nThis issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 1.0.1 users should upgrade to 1.0.1k. \nOpenSSL 1.0.0 users should upgrade to 1.0.0p. \nOpenSSL 0.9.8 users should upgrade to 0.9.8zd. \n\nThis issue was reported to OpenSSL on 22nd October 2014 by Karthikeyan\nBhargavan of the PROSECCO team at INRIA. The fix was developed by Stephen\nHenson of the OpenSSL core team. \n\n\nRSA silently downgrades to EXPORT_RSA [Client] (CVE-2015-0204)\n==============================================================\n\nSeverity: Low\n\nAn OpenSSL client will accept the use of an RSA temporary key in a non-export\nRSA key exchange ciphersuite. A server could present a weak temporary key\nand downgrade the security of the session. \n\nThis issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 1.0.1 users should upgrade to 1.0.1k. \nOpenSSL 1.0.0 users should upgrade to 1.0.0p. \nOpenSSL 0.9.8 users should upgrade to 0.9.8zd. \n\nThis issue was reported to OpenSSL on 22nd October 2014 by Karthikeyan\nBhargavan of the PROSECCO team at INRIA. The fix was developed by Stephen\nHenson of the OpenSSL core team. \n\n\nDH client certificates accepted without verification [Server] (CVE-2015-0205)\n=============================================================================\n\nSeverity: Low\n\nAn OpenSSL server will accept a DH certificate for client authentication\nwithout the certificate verify message. This effectively allows a client\nto authenticate without the use of a private key. This only affects servers\nwhich trust a client certificate authority which issues certificates\ncontaining DH keys: these are extremely rare and hardly ever encountered. \n\nThis issue affects OpenSSL versions: 1.0.1 and 1.0.0. \n\nOpenSSL 1.0.1 users should upgrade to 1.0.1k. \nOpenSSL 1.0.0 users should upgrade to 1.0.0p. \n\nThis issue was reported to OpenSSL on 22nd October 2014 by Karthikeyan\nBhargavan of the PROSECCO team at INRIA. The fix was developed by Stephen\nHenson of the OpenSSL core team. \n\n\nCertificate fingerprints can be modified (CVE-2014-8275)\n========================================================\n\nSeverity: Low\n\nOpenSSL accepts several non-DER-variations of certificate signature\nalgorithm and signature encodings. OpenSSL also does not enforce a\nmatch between the signature algorithm between the signed and unsigned\nportions of the certificate. By modifying the contents of the\nsignature algorithm or the encoding of the signature, it is possible\nto change the certificate\u0027s fingerprint. \n\nThis does not allow an attacker to forge certificates, and does not\naffect certificate verification or OpenSSL servers/clients in any\nother way. It also does not affect common revocation mechanisms. Only\ncustom applications that rely on the uniqueness of the fingerprint\n(e.g. certificate blacklists) may be affected. \n\nThis issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and\n0.9.8. \n\nOpenSSL 1.0.1 users should upgrade to 1.0.1k. \nOpenSSL 1.0.0 users should upgrade to 1.0.0p. \nOpenSSL 0.9.8 users should upgrade to 0.9.8zd. \n\nOne variant of this issue was discovered by Antti Karjalainen and\nTuomo Untinen from the Codenomicon CROSS program and reported to\nOpenSSL on 1st December 2014 by NCSC-FI Vulnerability\nCo-ordination. Another variant was independently reported to OpenSSL\non 12th December 2014 by Konrad Kraszewski from Google. Further\nanalysis was conducted and fixes were developed by Stephen Henson of\nthe OpenSSL core team. \n\nBignum squaring may produce incorrect results (CVE-2014-3570)\n=============================================================\n\nSeverity: Low\n\nBignum squaring (BN_sqr) may produce incorrect results on some\nplatforms, including x86_64. This bug occurs at random with a very\nlow probability, and is not known to be exploitable in any way, though\nits exact impact is difficult to determine. The following has been\ndetermined:\n\n*) The probability of BN_sqr producing an incorrect result at random\nis very low: 1/2^64 on the single affected 32-bit platform (MIPS) and\n1/2^128 on affected 64-bit platforms. \n*) On most platforms, RSA follows a different code path and RSA\noperations are not affected at all. For the remaining platforms\n(e.g. OpenSSL built without assembly support), pre-existing\ncountermeasures thwart bug attacks [1]. \n*) Static ECDH is theoretically affected: it is possible to construct\nelliptic curve points that would falsely appear to be on the given\ncurve. However, there is no known computationally feasible way to\nconstruct such points with low order, and so the security of static\nECDH private keys is believed to be unaffected. \n*) Other routines known to be theoretically affected are modular\nexponentiation, primality testing, DSA, RSA blinding, JPAKE and\nSRP. No exploits are known and straightforward bug attacks fail -\neither the attacker cannot control when the bug triggers, or no\nprivate key material is involved. \n\nThis issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 1.0.1 users should upgrade to 1.0.1k. \nOpenSSL 1.0.0 users should upgrade to 1.0.0p. \nOpenSSL 0.9.8 users should upgrade to 0.9.8zd. \n\nThis issue was reported to OpenSSL on 2nd November 2014 by Pieter Wuille\n(Blockstream) who also suggested an initial fix. Further analysis was\nconducted by the OpenSSL development team and Adam Langley of\nGoogle. The final fix was developed by Andy Polyakov of the OpenSSL\ncore team. \n\n[1] http://css.csail.mit.edu/6.858/2013/readings/rsa-bug-attacks.pdf\n\nNote\n====\n\nAs per our previous announcements and our Release Strategy\n(https://www.openssl.org/about/releasestrat.html), support for OpenSSL versions\n1.0.0 and 0.9.8 will cease on 31st December 2015. No security updates for these\nreleases will be provided after that date. Users of these releases are advised\nto upgrade. \n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv_20150108.txt\n\nNote: the online version of the advisory may be updated with additional\ndetails over time. \n\nFor details of OpenSSL severity classifications please see:\nhttps://www.openssl.org/about/secpolicy.html\n\n. These vulnerabilities could be exploited remotely to create a remote\nDenial of Service (DoS) and other vulnerabilites. \n\nReferences:\n\nCVE-2014-8275 Cryptographic Issues (CWE-310)\nCVE-2014-3569 Remote Denial of Service (DoS)\nCVE-2014-3570 Cryptographic Issues (CWE-310)\nCVE-2014-3571 Remote Denial of Service (DoS)\nCVE-2014-3572 Cryptographic Issues (CWE-310)\nCVE-2015-0204 Cryptographic Issues (CWE-310)\nSSRT101885\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. The\nupdates are available from either of the following sites:\n\nftp://sl098ze:Secure12@h2.usa.hp.com\n\nhttps://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber\n=OPENSSL11I\n\nHP-UX Release\n HP-UX OpenSSL depot name\n\nB.11.11 (11i v1)\n OpenSSL_A.00.09.08ze.001_HP-UX_B.11.11_32_64.depot\n\nB.11.23 (11i v2)\n OpenSSL_A.00.09.08ze.002_HP-UX_B.11.23_IA-PA.depot\n\nB.11.31 (11i v3)\n OpenSSL_A.00.09.08ze.003_HP-UX_B.11.31_IA-PA.depot\n\nMANUAL ACTIONS: Yes - Update\n\nInstall OpenSSL A.00.09.08ze or subsequent\n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application\nthat replaces HP-UX Security Patch Check. It analyzes all Security Bulletins\nissued by HP and lists recommended actions that may apply to a specific HP-UX\nsystem. It can also download patches and create a depot automatically. For\nmore information see: https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-3570"
},
{
"db": "BID",
"id": "71939"
},
{
"db": "VULMON",
"id": "CVE-2014-3570"
},
{
"db": "PACKETSTORM",
"id": "138473"
},
{
"db": "PACKETSTORM",
"id": "129973"
},
{
"db": "PACKETSTORM",
"id": "131471"
},
{
"db": "PACKETSTORM",
"id": "131044"
},
{
"db": "PACKETSTORM",
"id": "129870"
},
{
"db": "PACKETSTORM",
"id": "133325"
},
{
"db": "PACKETSTORM",
"id": "129867"
},
{
"db": "PACKETSTORM",
"id": "130548"
},
{
"db": "PACKETSTORM",
"id": "130545"
}
],
"trust": 2.07
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2014-3570",
"trust": 2.9
},
{
"db": "JUNIPER",
"id": "JSA10679",
"trust": 1.4
},
{
"db": "BID",
"id": "71939",
"trust": 1.4
},
{
"db": "MCAFEE",
"id": "SB10102",
"trust": 1.1
},
{
"db": "MCAFEE",
"id": "SB10108",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1033378",
"trust": 1.1
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.2148",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.4252",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201501-160",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2014-3570",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "138473",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129973",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131471",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131044",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129870",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133325",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129867",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130548",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130545",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-3570"
},
{
"db": "BID",
"id": "71939"
},
{
"db": "PACKETSTORM",
"id": "138473"
},
{
"db": "PACKETSTORM",
"id": "129973"
},
{
"db": "PACKETSTORM",
"id": "131471"
},
{
"db": "PACKETSTORM",
"id": "131044"
},
{
"db": "PACKETSTORM",
"id": "129870"
},
{
"db": "PACKETSTORM",
"id": "133325"
},
{
"db": "PACKETSTORM",
"id": "129867"
},
{
"db": "PACKETSTORM",
"id": "130548"
},
{
"db": "PACKETSTORM",
"id": "130545"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-160"
},
{
"db": "NVD",
"id": "CVE-2014-3570"
}
]
},
"id": "VAR-201501-0434",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.38117660400000003
},
"last_update_date": "2026-04-10T22:38:15.110000Z",
"patch": {
"_id": null,
"data": [
{
"title": "openssl-1.0.0p",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=53190"
},
{
"title": "openssl-0.9.8zd",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=53189"
},
{
"title": "openssl-1.0.1k.tar.gz",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=53191"
},
{
"title": "Red Hat: Moderate: openssl security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20150066 - Security Advisory"
},
{
"title": "Red Hat: CVE-2014-3570",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2014-3570"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2459-1"
},
{
"title": "Debian Security Advisories: DSA-3125-1 openssl -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=a3210fee56d96657bbff4ad44c3d0807"
},
{
"title": "Tenable Security Advisories: [R7] OpenSSL \u002720150108\u0027 Advisory Affects Tenable Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=TNS-2015-03"
},
{
"title": "Amazon Linux AMI: ALAS-2015-469",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2015-469"
},
{
"title": "IBM: IBM Security Bulletin: Fabric OS firmware for Brocade 8Gb SAN Switch Module for BladeCenter is affected by vulnerabilities in OpenSSL and OpenSSH",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=b7f5b1e7edcafce07f28205855d4db49"
},
{
"title": "Symantec Security Advisories: SA88 : OpenSSL Security Advisory 08-Jan-2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=9281dc3b1a760e1cf2711cdf82cf64d7"
},
{
"title": "Apple: OS X Yosemite v10.10.3 and Security Update 2015-004",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=aa5ab46566482c02434bb8cf65c9614e"
},
{
"title": "Cisco: Multiple Vulnerabilities in OpenSSL (January 2015) Affecting Cisco Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20150310-ssl"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4b527561ba1a5de7a529c8a93679f585"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=744c19dc9f4f70ad58059bf8733ec9c1"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - January 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=eaf98750f1130c39e83765575c69e165"
},
{
"title": "Splunk Security Announcements: Splunk response to January 2015 OpenSSL vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=splunk_security_announcements\u0026qid=21b119528a2fb8c78850a17027b71424"
},
{
"title": "Citrix Security Bulletins: Multiple Security Vulnerabilities in Citrix NetScaler Platform IPMI Lights Out Management (LOM) firmware",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=eb059834b7f24e2562bcf592b6d0afbc"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=459961024c4bdce7bb3a1a40a65a6f2e"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=3a04485ebb79f7fbc2472bf9af5ce489"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-3570"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-160"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-310",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-3570"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 1.6,
"url": "https://www.openssl.org/news/secadv_20150108.txt"
},
{
"trust": 1.5,
"url": "http://rhn.redhat.com/errata/rhsa-2015-0849.html"
},
{
"trust": 1.4,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20150310-ssl"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"trust": 1.4,
"url": "https://bto.bluecoat.com/security-advisory/sa88"
},
{
"trust": 1.4,
"url": "https://support.citrix.com/article/ctx216642"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2016-1650.html"
},
{
"trust": 1.1,
"url": "https://github.com/openssl/openssl/commit/a7a44ba55cb4f884c6bc9ceac90072dea38e66d0"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-january/147938.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-january/148363.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/71939"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:019"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2015/dsa-3125"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=142496289803847\u0026w=2"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00021.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-0066.html"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=142720981827617\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=142721102728110\u0026w=2"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:062"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce/2015/apr/msg00001.html"
},
{
"trust": 1.1,
"url": "https://support.apple.com/ht204659"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=144050297101809\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=144050254401665\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=143748090628601\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=142895206924048\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=144050205101530\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=142496179803395\u0026w=2"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
},
{
"trust": 1.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10679"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1033378"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html"
},
{
"trust": 1.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10108"
},
{
"trust": 1.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10102"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0204"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3570"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3571"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3572"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8275"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3569"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.6,
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10887855"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.2148/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4252/"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0205"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0206"
},
{
"trust": 0.4,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04765169"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2014-3570"
},
{
"trust": 0.3,
"url": "http://www.pexip.com/sites/pexip/files/pexip_security_bulletin_2015-01-30.pdf"
},
{
"trust": 0.3,
"url": "http://openssl.org/"
},
{
"trust": 0.3,
"url": "http://www.splunk.com/view/sp-caaanu5#affectedproductsandcomponents"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699883"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/feb/160"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10679\u0026cat=sirt_1\u0026actp=list"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/101010784"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04746490"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04602055"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04765115"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04774019"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04774021"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21698818"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883857"
},
{
"trust": 0.3,
"url": "https://aix.software.ibm.com/aix/efixes/security/openssl_advisory12.asc"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699271"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/101008182"
},
{
"trust": 0.3,
"url": "https://www.openssl.org/news/vulnerabilities.html"
},
{
"trust": 0.3,
"url": "https://www.alienvault.com/forums/discussion/4475/security-advisory-alienvault-v4-15-1-addresses-twenty-20-vulnerabilities"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963783"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5098593"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903299"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022575"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005159"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21700275"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699938"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097733"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005170"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097503"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883287"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097811"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097504"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902694"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902277"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21697291"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699235"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903726"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097796"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21697162"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097823"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21700411"
},
{
"trust": 0.3,
"url": "www-01.ibm.com/support/docview.wss?uid=swg21700028"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005150"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1009328"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695985"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022074"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21701453"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959002"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21694849"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097360"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699052"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21698506"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699810"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699069"
},
{
"trust": 0.3,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-0204"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8275"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0209"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/en/support/security/"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0204"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3570"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/en/support/security/advisories/"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3571"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0206"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0205"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3572"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0286"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3569"
},
{
"trust": 0.2,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.2,
"url": "https://h20392.www2.hp.com/portal/swdepot/displayproductinfo.do?productnumber"
},
{
"trust": 0.2,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/310.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=36959"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2459-1/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-5387"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2106"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2106"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2105"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-3110"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/site/documentation/en-us/jboss_enterprise_web_server/2/html-single/installation_guide/index.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-5387"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_web_server/2.1/html/2.1.1_release_notes/index.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2105"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/vulnerabilities/httpoxy"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-3110"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/site/documentation/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=webserver\u0026downloadtype=distributions\u0026version=2.1.1"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3572\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0205\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:01/openssl-9.3.patch"
},
{
"trust": 0.1,
"url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0206\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3571\u003e"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/news/secadv_20150108.txt\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/\u003e."
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8275\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:01/openssl-10.0.patch.asc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:01/openssl-10.1.patch"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3569\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3570\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/advisories/freebsd-sa-15:01.openssl.asc\u003e"
},
{
"trust": 0.1,
"url": "https://www.freebsd.org/handbook/makeworld.html\u003e."
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:01/openssl-10.0.patch"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0204\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:01/openssl-9.3.patch.asc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:01/openssl-10.1.patch.asc"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-3586"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-0277"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0277"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0226"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-8111"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8111"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3586"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=distributions\u0026product=appplatform\u0026version=6.4"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0227"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-0227"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/jboss_enterprise_application_platform/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-0226"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0289"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0288"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0287"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0209"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0195"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0160"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3566"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-5298"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0287"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0160"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0076"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0286"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3513"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0224"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0198"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0289"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3470"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3513"
},
{
"trust": 0.1,
"url": "http://openssl.org/news/secadv_20150319.txt"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0198"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-5298"
},
{
"trust": 0.1,
"url": "http://openssl.org/news/secadv_20150108.txt"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0221"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0076"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0288"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0293"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0224"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0221"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3470"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0195"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0293"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3566"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0207"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0118"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8142"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0226"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0231"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3523"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0285"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9653"
},
{
"trust": 0.1,
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04746490\u0026la"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9705"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0232"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1692"
},
{
"trust": 0.1,
"url": "http://www.hp.com/go/insightupdates"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0248"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9427"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0208"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0273"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-5107"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0231"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9652"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04762744"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/about/releasestrat.html),"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/about/secpolicy.html"
},
{
"trust": 0.1,
"url": "http://css.csail.mit.edu/6.858/2013/readings/rsa-bug-attacks.pdf"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-3570"
},
{
"db": "BID",
"id": "71939"
},
{
"db": "PACKETSTORM",
"id": "138473"
},
{
"db": "PACKETSTORM",
"id": "129973"
},
{
"db": "PACKETSTORM",
"id": "131471"
},
{
"db": "PACKETSTORM",
"id": "131044"
},
{
"db": "PACKETSTORM",
"id": "129870"
},
{
"db": "PACKETSTORM",
"id": "133325"
},
{
"db": "PACKETSTORM",
"id": "129867"
},
{
"db": "PACKETSTORM",
"id": "130548"
},
{
"db": "PACKETSTORM",
"id": "130545"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-160"
},
{
"db": "NVD",
"id": "CVE-2014-3570"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULMON",
"id": "CVE-2014-3570",
"ident": null
},
{
"db": "BID",
"id": "71939",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "138473",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "129973",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "131471",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "131044",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "129870",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "133325",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "129867",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "130548",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "130545",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201501-160",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2014-3570",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2015-01-09T00:00:00",
"db": "VULMON",
"id": "CVE-2014-3570",
"ident": null
},
{
"date": "2015-01-08T00:00:00",
"db": "BID",
"id": "71939",
"ident": null
},
{
"date": "2016-08-22T23:25:00",
"db": "PACKETSTORM",
"id": "138473",
"ident": null
},
{
"date": "2015-01-15T16:53:07",
"db": "PACKETSTORM",
"id": "129973",
"ident": null
},
{
"date": "2015-04-17T06:44:37",
"db": "PACKETSTORM",
"id": "131471",
"ident": null
},
{
"date": "2015-03-27T20:42:44",
"db": "PACKETSTORM",
"id": "131044",
"ident": null
},
{
"date": "2015-01-09T17:43:35",
"db": "PACKETSTORM",
"id": "129870",
"ident": null
},
{
"date": "2015-08-26T01:35:08",
"db": "PACKETSTORM",
"id": "133325",
"ident": null
},
{
"date": "2015-01-09T02:01:10",
"db": "PACKETSTORM",
"id": "129867",
"ident": null
},
{
"date": "2015-02-26T17:13:45",
"db": "PACKETSTORM",
"id": "130548",
"ident": null
},
{
"date": "2015-02-26T17:13:09",
"db": "PACKETSTORM",
"id": "130545",
"ident": null
},
{
"date": "2015-01-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201501-160",
"ident": null
},
{
"date": "2015-01-09T02:59:00.053000",
"db": "NVD",
"id": "CVE-2014-3570",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2017-11-15T00:00:00",
"db": "VULMON",
"id": "CVE-2014-3570",
"ident": null
},
{
"date": "2017-01-23T00:09:00",
"db": "BID",
"id": "71939",
"ident": null
},
{
"date": "2022-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201501-160",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2014-3570",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "131471"
},
{
"db": "PACKETSTORM",
"id": "130548"
},
{
"db": "PACKETSTORM",
"id": "130545"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-160"
}
],
"trust": 0.9
},
"title": {
"_id": null,
"data": "OpenSSL BN_sqr Implement encryption vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201501-160"
}
],
"trust": 0.6
},
"type": {
"_id": null,
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201501-160"
}
],
"trust": 0.6
}
}
VAR-201602-0272
Vulnerability from variot - Updated: 2026-04-10 22:35ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by performing computations on SSLv2 traffic, related to the get_client_master_key and get_client_hello functions. OpenSSL may generate unsafe primes for use in the Diffie-Hellman protocol, which may lead to disclosure of enough information for an attacker to recover the private encryption key. Network traffic encrypted using an RSA-based SSL certificate may be decrypted if enough SSLv2 handshake data can be collected. This is known as the "DROWN" attack in the media. OpenSSL is prone to a security-bypass vulnerability. Successfully exploiting this issue may allow attackers to perform unauthorized actions. This may lead to other attacks. OpenSSL Security Advisory [1st March 2016] =========================================
NOTE: With this update, OpenSSL is disabling the SSLv2 protocol by default, as well as removing SSLv2 EXPORT ciphers. We strongly advise against the use of SSLv2 due not only to the issues described below, but to the other known deficiencies in the protocol as described at https://tools.ietf.org/html/rfc6176
Cross-protocol attack on TLS using SSLv2 (DROWN) (CVE-2016-0800)
Severity: High
A cross-protocol attack was discovered that could lead to decryption of TLS sessions by using a server supporting SSLv2 and EXPORT cipher suites as a Bleichenbacher RSA padding oracle. Note that traffic between clients and non-vulnerable servers can be decrypted provided another server supporting SSLv2 and EXPORT ciphers (even with a different protocol such as SMTP, IMAP or POP) shares the RSA keys of the non-vulnerable server.
Recovering one session key requires the attacker to perform approximately 2^50 computation, as well as thousands of connections to the affected server. A more efficient variant of the DROWN attack exists against unpatched OpenSSL servers using versions that predate 1.0.2a, 1.0.1m, 1.0.0r and 0.9.8zf released on 19/Mar/2015 (see CVE-2016-0703 below).
Users can avoid this issue by disabling the SSLv2 protocol in all their SSL/TLS servers, if they've not done so already. Disabling all SSLv2 ciphers is also sufficient, provided the patches for CVE-2015-3197 (fixed in OpenSSL 1.0.1r and 1.0.2f) have been deployed. Servers that have not disabled the SSLv2 protocol, and are not patched for CVE-2015-3197 are vulnerable to DROWN even if all SSLv2 ciphers are nominally disabled, because malicious clients can force the use of SSLv2 with EXPORT ciphers.
OpenSSL 1.0.2g and 1.0.1s deploy the following mitigation against DROWN:
SSLv2 is now by default disabled at build-time. Builds that are not configured with "enable-ssl2" will not support SSLv2. Even if "enable-ssl2" is used, users who want to negotiate SSLv2 via the version-flexible SSLv23_method() will need to explicitly call either of:
SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv2); or SSL_clear_options(ssl, SSL_OP_NO_SSLv2);
as appropriate. Even if either of those is used, or the application explicitly uses the version-specific SSLv2_method() or its client or server variants, SSLv2 ciphers vulnerable to exhaustive search key recovery have been removed. Specifically, the SSLv2 40-bit EXPORT ciphers, and SSLv2 56-bit DES are no longer available.
In addition, weak ciphers in SSLv3 and up are now disabled in default builds of OpenSSL. Builds that are not configured with "enable-weak-ssl-ciphers" will not provide any "EXPORT" or "LOW" strength ciphers.
OpenSSL 1.0.2 users should upgrade to 1.0.2g OpenSSL 1.0.1 users should upgrade to 1.0.1s
This issue was reported to OpenSSL on December 29th 2015 by Nimrod Aviram and Sebastian Schinzel. The fix was developed by Viktor Dukhovni and Matt Caswell of OpenSSL.
Double-free in DSA code (CVE-2016-0705)
Severity: Low
A double free bug was discovered when OpenSSL parses malformed DSA private keys and could lead to a DoS attack or memory corruption for applications that receive DSA private keys from untrusted sources. This scenario is considered rare.
This issue affects OpenSSL versions 1.0.2 and 1.0.1.
OpenSSL 1.0.2 users should upgrade to 1.0.2g OpenSSL 1.0.1 users should upgrade to 1.0.1s
This issue was reported to OpenSSL on February 7th 2016 by Adam Langley (Google/BoringSSL) using libFuzzer. The fix was developed by Dr Stephen Henson of OpenSSL.
Memory leak in SRP database lookups (CVE-2016-0798)
Severity: Low
The SRP user database lookup method SRP_VBASE_get_by_user had confusing memory management semantics; the returned pointer was sometimes newly allocated, and sometimes owned by the callee. The calling code has no way of distinguishing these two cases.
Specifically, SRP servers that configure a secret seed to hide valid login information are vulnerable to a memory leak: an attacker connecting with an invalid username can cause a memory leak of around 300 bytes per connection. Servers that do not configure SRP, or configure SRP but do not configure a seed are not vulnerable.
In Apache, the seed directive is known as SSLSRPUnknownUserSeed.
To mitigate the memory leak, the seed handling in SRP_VBASE_get_by_user is now disabled even if the user has configured a seed. Applications are advised to migrate to SRP_VBASE_get1_by_user. However, note that OpenSSL makes no strong guarantees about the indistinguishability of valid and invalid logins. In particular, computations are currently not carried out in constant time.
This issue affects OpenSSL versions 1.0.2 and 1.0.1.
OpenSSL 1.0.2 users should upgrade to 1.0.2g OpenSSL 1.0.1 users should upgrade to 1.0.1s
This issue was discovered on February 23rd 2016 by Emilia Käsper of the OpenSSL development team. Emilia Käsper also developed the fix.
BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption (CVE-2016-0797)
Severity: Low
In the BN_hex2bn function the number of hex digits is calculated using an int value |i|. Later |bn_expand| is called with a value of |i * 4|. For large values of |i| this can result in |bn_expand| not allocating any memory because |i * 4| is negative. This can leave the internal BIGNUM data field as NULL leading to a subsequent NULL ptr deref. For very large values of |i|, the calculation |i * 4| could be a positive value smaller than |i|. In this case memory is allocated to the internal BIGNUM data field, but it is insufficiently sized leading to heap corruption. A similar issue exists in BN_dec2bn. This could have security consequences if BN_hex2bn/BN_dec2bn is ever called by user applications with very large untrusted hex/dec data. This is anticipated to be a rare occurrence.
All OpenSSL internal usage of these functions use data that is not expected to be untrusted, e.g. config file data or application command line arguments. If user developed applications generate config file data based on untrusted data then it is possible that this could also lead to security consequences. This is also anticipated to be rare.
This issue affects OpenSSL versions 1.0.2 and 1.0.1.
OpenSSL 1.0.2 users should upgrade to 1.0.2g OpenSSL 1.0.1 users should upgrade to 1.0.1s
This issue was reported to OpenSSL on February 19th 2016 by Guido Vranken. The fix was developed by Matt Caswell of the OpenSSL development team.
Fix memory issues in BIO_*printf functions (CVE-2016-0799)
Severity: Low
The internal |fmtstr| function used in processing a "%s" format string in the BIO_*printf functions could overflow while calculating the length of a string and cause an OOB read when printing very long strings.
Additionally the internal |doapr_outch| function can attempt to write to an OOB memory location (at an offset from the NULL pointer) in the event of a memory allocation failure. In 1.0.2 and below this could be caused where the size of a buffer to be allocated is greater than INT_MAX. E.g. this could be in processing a very long "%s" format string. Memory leaks can also occur.
The first issue may mask the second issue dependent on compiler behaviour. These problems could enable attacks where large amounts of untrusted data is passed to the BIO_*printf functions. If applications use these functions in this way then they could be vulnerable. OpenSSL itself uses these functions when printing out human-readable dumps of ASN.1 data. Therefore applications that print this data could be vulnerable if the data is from untrusted sources. OpenSSL command line applications could also be vulnerable where they print out ASN.1 data, or if untrusted data is passed as command line arguments.
Libssl is not considered directly vulnerable. Additionally certificates etc received via remote connections via libssl are also unlikely to be able to trigger these issues because of message size limits enforced within libssl.
This issue affects OpenSSL versions 1.0.2 and 1.0.1.
OpenSSL 1.0.2 users should upgrade to 1.0.2g OpenSSL 1.0.1 users should upgrade to 1.0.1s
This issue was reported to OpenSSL on February 23rd by Guido Vranken. The fix was developed by Matt Caswell of the OpenSSL development team.
Side channel attack on modular exponentiation (CVE-2016-0702)
Severity: Low
A side-channel attack was found which makes use of cache-bank conflicts on the Intel Sandy-Bridge microarchitecture which could lead to the recovery of RSA keys. The ability to exploit this issue is limited as it relies on an attacker who has control of code in a thread running on the same hyper-threaded core as the victim thread which is performing decryptions.
This issue affects OpenSSL versions 1.0.2 and 1.0.1.
OpenSSL 1.0.2 users should upgrade to 1.0.2g OpenSSL 1.0.1 users should upgrade to 1.0.1s
This issue was reported to OpenSSL on Jan 8th 2016 by Yuval Yarom, The University of Adelaide and NICTA, Daniel Genkin, Technion and Tel Aviv University, and Nadia Heninger, University of Pennsylvania with more information at http://cachebleed.info. The fix was developed by Andy Polyakov of OpenSSL.
Divide-and-conquer session key recovery in SSLv2 (CVE-2016-0703)
Severity: High
This issue only affected versions of OpenSSL prior to March 19th 2015 at which time the code was refactored to address vulnerability CVE-2015-0293.
s2_srvr.c did not enforce that clear-key-length is 0 for non-export ciphers. If clear-key bytes are present for these ciphers, they displace encrypted-key bytes. This leads to an efficient divide-and-conquer key recovery attack: if an eavesdropper has intercepted an SSLv2 handshake, they can use the server as an oracle to determine the SSLv2 master-key, using only 16 connections to the server and negligible computation.
More importantly, this leads to a more efficient version of DROWN that is effective against non-export ciphersuites, and requires no significant computation.
This issue affected OpenSSL versions 1.0.2, 1.0.1l, 1.0.0q, 0.9.8ze and all earlier versions. It was fixed in OpenSSL 1.0.2a, 1.0.1m, 1.0.0r and 0.9.8zf (released March 19th 2015).
This issue was reported to OpenSSL on February 10th 2016 by David Adrian and J. Alex Halderman of the University of Michigan. The underlying defect had by then already been fixed by Emilia Käsper of OpenSSL on March 4th 2015. The fix for this issue can be identified by commits ae50d827 (1.0.2a), cd56a08d (1.0.1m), 1a08063 (1.0.0r) and 65c588c (0.9.8zf).
Bleichenbacher oracle in SSLv2 (CVE-2016-0704)
Severity: Moderate
This issue only affected versions of OpenSSL prior to March 19th 2015 at which time the code was refactored to address the vulnerability CVE-2015-0293.
s2_srvr.c overwrite the wrong bytes in the master-key when applying Bleichenbacher protection for export cipher suites. This provides a Bleichenbacher oracle, and could potentially allow more efficient variants of the DROWN attack.
This issue affected OpenSSL versions 1.0.2, 1.0.1l, 1.0.0q, 0.9.8ze and all earlier versions. It was fixed in OpenSSL 1.0.2a, 1.0.1m, 1.0.0r and 0.9.8zf (released March 19th 2015).
This issue was reported to OpenSSL on February 10th 2016 by David Adrian and J. Alex Halderman of the University of Michigan. The underlying defect had by then already been fixed by Emilia Käsper of OpenSSL on March 4th 2015. The fix for this issue can be identified by commits ae50d827 (1.0.2a), cd56a08d (1.0.1m), 1a08063 (1.0.0r) and 65c588c (0.9.8zf).
Note
As per our previous announcements and our Release Strategy (https://www.openssl.org/policies/releasestrat.html), support for OpenSSL version 1.0.1 will cease on 31st December 2016. No security updates for that version will be provided after that date. Users of 1.0.1 are advised to upgrade.
Support for versions 0.9.8 and 1.0.0 ended on 31st December 2015. Those versions are no longer receiving security updates.
References
URL for this Security Advisory: https://www.openssl.org/news/secadv/20160301.txt
Note: the online version of the advisory may be updated with additional details over time.
For details of OpenSSL severity classifications please see: https://www.openssl.org/policies/secpolicy.html . Description:
Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library. Relevant releases/architectures:
RHEL 7-based RHEV-H - noarch RHEV Hypervisor for RHEL-6 - noarch
- The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor.
Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. An attacker could create specially crafted DSA private keys that, when processed by an application compiled against OpenSSL, could cause the application to crash. (CVE-2016-0705)
An integer overflow flaw, leading to a NULL pointer dereference or a heap-based memory corruption, was found in the way some BIGNUM functions of OpenSSL were implemented. Applications that use these functions with large untrusted input could crash or, potentially, execute arbitrary code.
Changes to the rhev-hypervisor component:
-
Previously, a race between services during boot prevented network configuration from upgrading correctly. The risk for the race has now been reduced significantly to allow the upgrade of the network configuration to complete correctly. (BZ#1194068)
-
Previously, using the text user interface (TUI) to log in to the administrator account of Red Hat Enterprise Virtualization Hypervisor failed with a Python backtrace. This update makes the "six" module correctly importable under all circumstances, which ensures that logging in to Red Hat Enterprise Virtualization Hypervisor using TUI proceeds as expected. (BZ#1246836)
-
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05390893
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c05390893 Version: 1
HPESBHF03703 rev.1 - HPE Network Products including Comware v7 and VCX using OpenSSL, Remote Unauthorized Disclosure of Information
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. The vulnerabilities could be remotely exploited resulting in disclosure of information.
References:
- CVE-2015-3197 - OpenSSL, Remote unauthorized disclosure of information
- CVE-2016-0701 - OpenSSL, Remote unauthorized disclosure of information
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. Please refer to the RESOLUTION below for a list of updated products. Please refer to the RESOLUTION below for a list of updated products.
BACKGROUND
CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector
CVE-2015-3197
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
CVE-2016-0701
3.7 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
2.6 (AV:N/AC:H/Au:N/C:P/I:N/A:N)
Information on CVSS is documented in
HPE Customer Notice HPSN-2008-002 here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499
RESOLUTION
HPE has made the following software updates to resolve the vulnerability in the Comware v7 and VCX products.
COMWARE 7 Products
- 12500 (Comware 7) - Version: R7377P01
- HP Network Products
- JC072B HP 12500 Main Processing Unit
- JC085A HP A12518 Switch Chassis
- JC086A HP A12508 Switch Chassis
- JC652A HP 12508 DC Switch Chassis
- JC653A HP 12518 DC Switch Chassis
- JC654A HP 12504 AC Switch Chassis
- JC655A HP 12504 DC Switch Chassis
- JF430A HP A12518 Switch Chassis
- JF430B HP 12518 Switch Chassis
- JF430C HP 12518 AC Switch Chassis
- JF431A HP A12508 Switch Chassis
- JF431B HP 12508 Switch Chassis
- JF431C HP 12508 AC Switch Chassis
- JG497A HP 12500 MPU w/Comware V7 OS
- JG782A HP FF 12508E AC Switch Chassis
- JG783A HP FF 12508E DC Switch Chassis
- JG784A HP FF 12518E AC Switch Chassis
- JG785A HP FF 12518E DC Switch Chassis
- JG802A HP FF 12500E MPU
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- 10500 (Comware 7) - Version: R7183
- HP Network Products
- JC611A HP 10508-V Switch Chassis
- JC612A HP 10508 Switch Chassis
- JC613A HP 10504 Switch Chassis
- JC748A HP 10512 Switch Chassis
- JG608A HP FlexFabric 11908-V Switch Chassis
- JG609A HP FlexFabric 11900 Main Processing Unit
- JG820A HP 10504 TAA Switch Chassis
- JG821A HP 10508 TAA Switch Chassis
- JG822A HP 10508-V TAA Switch Chassis
- JG823A HP 10512 TAA Switch Chassis
- JG496A HP 10500 Type A MPU w/Comware v7 OS
- JH198A HP 10500 Type D Main Processing Unit with Comware v7 Operating System
- JH206A HP 10500 Type D TAA-compliant with Comware v7 Operating System Main Processing Unit
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- 12900 (Comware 7) - Version: R1150
- HP Network Products
- JG619A HP FlexFabric 12910 Switch AC Chassis
- JG621A HP FlexFabric 12910 Main Processing Unit
- JG632A HP FlexFabric 12916 Switch AC Chassis
- JG634A HP FlexFabric 12916 Main Processing Unit
- JH104A HP FlexFabric 12900E Main Processing Unit
- JH114A HP FlexFabric 12910 TAA-compliant Main Processing Unit
- JH263A HP FlexFabric 12904E Main Processing Unit
- JH255A HP FlexFabric 12908E Switch Chassis
- JH262A HP FlexFabric 12904E Switch Chassis
- JH113A HP FlexFabric 12910 TAA-compliant Switch AC Chassis
- JH103A HP FlexFabric 12916E Switch Chassis
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- 5900 (Comware 7) - Version: R2432P01
- HP Network Products
- JC772A HP 5900AF-48XG-4QSFP+ Switch
- JG296A HP 5920AF-24XG Switch
- JG336A HP 5900AF-48XGT-4QSFP+ Switch
- JG510A HP 5900AF-48G-4XG-2QSFP+ Switch
- JG554A HP 5900AF-48XG-4QSFP+ TAA Switch
- JG555A HP 5920AF-24XG TAA Switch
- JG838A HP FF 5900CP-48XG-4QSFP+ Switch
- JH036A HP FlexFabric 5900CP 48XG 4QSFP+ TAA-Compliant
- JH037A HP 5900AF 48XGT 4QSFP+ TAA-Compliant Switch
- JH038A HP 5900AF 48G 4XG 2QSFP+ TAA-Compliant
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- MSR1000 (Comware 7) - Version: R0306P30
- HP Network Products
- JG875A HP MSR1002-4 AC Router
- JH060A HP MSR1003-8S AC Router
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- MSR2000 (Comware 7) - Version: R0306P30
- HP Network Products
- JG411A HP MSR2003 AC Router
- JG734A HP MSR2004-24 AC Router
- JG735A HP MSR2004-48 Router
- JG866A HP MSR2003 TAA-compliant AC Router
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- MSR3000 (Comware 7) - Version: R0306P30
- HP Network Products
- JG404A HP MSR3064 Router
- JG405A HP MSR3044 Router
- JG406A HP MSR3024 AC Router
- JG409A HP MSR3012 AC Router
- JG409B HPE MSR3012 AC Router
- JG861A HP MSR3024 TAA-compliant AC Router
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- MSR4000 (Comware 7) - Version: R0306P30
- HP Network Products
- JG402A HP MSR4080 Router Chassis
- JG403A HP MSR4060 Router Chassis
- JG412A HP MSR4000 MPU-100 Main Processing Unit
- JG869A HP MSR4000 TAA-compliant MPU-100 Main Processing Unit
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- MSR95X - Version: R0306P30
- HP Network Products
- JH296A HPE MSR954 1GbE SFP 2GbE-WAN 4GbE-LAN CWv7 Router
- JH297A HPE MSR954-W 1GbE SFP (WW) 2GbE-WAN 4GbE-LAN Wireless 802.11n CWv7 Router
- JH298A HPE MSR954-W 1GbE SFP LTE (AM) 2GbE-WAN 4GbE-LAN Wireless 802.11n CWv7 Router
- JH299A HPE MSR954-W 1GbE SFP LTE (WW) 2GbE-WAN 4GbE-LAN Wireless 802.11n CWv7 Router
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- VSR (Comware 7) - Version: E0322P01
- HP Network Products
- JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation Software
- JG811AAE HP VSR1001 Comware 7 Virtual Services Router
- JG812AAE HP VSR1004 Comware 7 Virtual Services Router
- JG813AAE HP VSR1008 Comware 7 Virtual Services Router
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- 7900 (Comware 7) - Version: R2150
- HP Network Products
- JG682A HP FlexFabric 7904 Switch Chassis
- JG841A HP FlexFabric 7910 Switch Chassis
- JG842A HP FlexFabric 7910 7.2Tbps Fabric / Main Processing Unit
- JH001A HP FlexFabric 7910 2.4Tbps Fabric / Main Processing Unit
- JH122A HP FlexFabric 7904 TAA-compliant Switch Chassis
- JH123A HP FlexFabric 7910 TAA-compliant Switch Chassis
- JH124A HP FlexFabric 7910 7.2Tbps TAA-compliant Fabric/Main Processing Unit
- JH125A HP FlexFabric 7910 2.4Tbps TAA-compliant Fabric/Main Processing Unit
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- 5130EI (Comware 7) - Version: R3113P02
- HP Network Products
- JG932A HP 5130-24G-4SFP+ EI Switch
- JG933A HP 5130-24G-SFP-4SFP+ EI Switch
- JG934A HP 5130-48G-4SFP+ EI Switch
- JG936A HP 5130-24G-PoE+-4SFP+ (370W) EI Switch
- JG937A HP 5130-48G-PoE+-4SFP+ (370W) EI Switch
- JG938A HP 5130-24G-2SFP+-2XGT EI Switch
- JG939A HP 5130-48G-2SFP+-2XGT EI Switch
- JG940A HP 5130-24G-PoE+-2SFP+-2XGT (370W) EI Switch
- JG941A HP 5130-48G-PoE+-2SFP+-2XGT (370W) EI Switch
- JG975A HP 5130-24G-4SFP+ EI Brazil Switch
- JG976A HP 5130-48G-4SFP+ EI Brazil Switch
- JG977A HP 5130-24G-PoE+-4SFP+ (370W) EI Brazil Switch
- JG978A HP 5130-48G-PoE+-4SFP+ (370W) EI Brazil Switch
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- 6125XLG - Version: R2432P01
- HP Network Products
- 711307-B21 HP 6125XLG Blade Switch
- 737230-B21 HP 6125XLG Blade Switch with TAA
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- 6127XLG - Version: R2432P01
- HP Network Products
- 787635-B21 HP 6127XLG Blade Switch Opt Kit
- 787635-B22 HP 6127XLG Blade Switch with TAA
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- Moonshot - Version: R2432P01
- HP Network Products
- 786617-B21 - HP Moonshot-45Gc Switch Module
- 704654-B21 - HP Moonshot-45XGc Switch Module
- 786619-B21 - HP Moonshot-180XGc Switch Module
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- 5700 (Comware 7) - Version: R2432P01
- HP Network Products
- JG894A HP FlexFabric 5700-48G-4XG-2QSFP+ Switch
- JG895A HP FlexFabric 5700-48G-4XG-2QSFP+ TAA-compliant Switch
- JG896A HP FlexFabric 5700-40XG-2QSFP+ Switch
- JG897A HP FlexFabric 5700-40XG-2QSFP+ TAA-compliant Switch
- JG898A HP FlexFabric 5700-32XGT-8XG-2QSFP+ Switch
- JG899A HP FlexFabric 5700-32XGT-8XG-2QSFP+ TAA-compliant Switch
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- 5930 (Comware 7) - Version: R2432P01
- HP Network Products
- JG726A HP FlexFabric 5930 32QSFP+ Switch
- JG727A HP FlexFabric 5930 32QSFP+ TAA-compliant Switch
- JH178A HP FlexFabric 5930 2QSFP+ 2-slot Switch
- JH179A HP FlexFabric 5930 4-slot Switch
- JH187A HP FlexFabric 5930 2QSFP+ 2-slot TAA-compliant Switch
- JH188A HP FlexFabric 5930 4-slot TAA-compliant Switch
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- 1950 (Comware 7) - Version: R3113P02
- HP Network Products
- JG960A HP 1950-24G-4XG Switch
- JG961A HP 1950-48G-2SFP+-2XGT Switch
- JG962A HP 1950-24G-2SFP+-2XGT-PoE+(370W) Switch
- JG963A HP 1950-48G-2SFP+-2XGT-PoE+(370W) Switch
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- 7500 (Comware 7) - Version: R7183
- HP Network Products
- JD238C HP 7510 Switch Chassis
- JD239C HP 7506 Switch Chassis
- JD240C HP 7503 Switch Chassis
- JD242C HP 7502 Switch Chassis
- JH207A HP 7500 1.2Tbps Fabric with 2-port 40GbE QSFP+ for IRF-Only Main Processing Unit
- JH208A HP 7502 Main Processing Unit
- JH209A HP 7500 2.4Tbps Fabric with 8-port 1/10GbE SFP+ and 2-port 40GbE QSFP+ Main Processing Unit
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- 5130HI - Version: R1120P07
- HP Network Products
- JH323A HPE 5130 24G 4SFP+ 1-slot HI Switch
- JH324A HPE 5130 48G 4SFP+ 1-slot HI Switch
- JH325A HPE 5130 24G PoE+ 4SFP+ 1-slot HI Switch
- JH326A HPE 5130 48G PoE+ 4SFP+ 1-slot HI Switch
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- 5510HI - Version: R1120P07
- HP Network Products
- JH145A HPE 5510 24G 4SFP+ HI 1-slot Switch
- JH146A HPE 5510 48G 4SFP+ HI 1-slot Switch
- JH147A HPE 5510 24G PoE+ 4SFP+ HI 1-slot Switch
- JH148A HPE 5510 48G PoE+ 4SFP+ HI 1-slot Switch
- JH149A HPE 5510 24G SFP 4SFP+ HI 1-slot Switch
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- VCX - Version: 9.8.19
- HP Network Products
- J9672A HP VCX V7205 Platform w/ DL360 G7 Srvr
- J9668A HP VCX IPC V7005 Pltfrm w/ DL120 G6 Srvr
- JC517A HP VCX V7205 Platform w/DL 360 G6 Server
- JE355A HP VCX V6000 Branch Platform 9.0
- JC516A HP VCX V7005 Platform w/DL 120 G6 Server
- JC518A HP VCX Connect 200 Primry 120 G6 Server
- J9669A HP VCX IPC V7310 Pltfrm w/ DL360 G7 Srvr
- JE341A HP VCX Connect 100 Secondary
- JE252A HP VCX Connect Primary MIM Module
- JE253A HP VCX Connect Secondary MIM Module
- JE254A HP VCX Branch MIM Module
- JE355A HP VCX V6000 Branch Platform 9.0
- JD028A HP MS30-40 RTR w/VCX + T1/FXO/FXS/Mod
- JD023A HP MSR30-40 Router with VCX MIM Module
- JD024A HP MSR30-16 RTR w/VCX Ent Br Com MIM
- JD025A HP MSR30-16 RTR w/VCX + 4FXO/2FXS Mod
- JD026A HP MSR30-16 RTR w/VCX + 8FXO/4FXS Mod
- JD027A HP MSR30-16 RTR w/VCX + 8BRI/4FXS Mod
- JD029A HP MSR30-16 RTR w/VCX + E1/4BRI/4FXS
- JE340A HP VCX Connect 100 Pri Server 9.0
- JE342A HP VCX Connect 100 Sec Server 9.0
- CVEs
- CVE-2015-3197
Note: Please contact HPE Technical Support if any assistance is needed acquiring the software updates.
HISTORY Version:1 (rev.1) - 14 February 2017 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com.
Report: To report a potential security vulnerability for any HPE supported product: Web form: https://www.hpe.com/info/report-security-vulnerability Email: security-alert@hpe.com
Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX
Copyright 2016 Hewlett Packard Enterprise
Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. 5.9 server) - i386, ia64, x86_64
-
Gentoo Linux Security Advisory GLSA 201601-05
https://security.gentoo.org/
Severity: Normal Title: OpenSSL: Multiple vulnerabilities Date: January 29, 2016 Bugs: #572854 ID: 201601-05
Synopsis
Multiple vulnerabilities have been found in OpenSSL, allowing remote attackers to disclose sensitive information and complete weak handshakes.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/openssl < 1.0.2f >= 1.0.2f
Description
Multiple vulnerabilities have been discovered in OpenSSL. Please review the upstream advisory and CVE identifiers referenced below for details.
Impact
A remote attacker could disclose a server's private DH exponent, or complete SSLv2 handshakes using ciphers that have been disabled on the server.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.2f"
References
[ 1 ] CVE-2015-3197 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3197 [ 2 ] CVE-2016-0701 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0701 [ 3 ] OpenSSL Security Advisory [28th Jan 2016] http://openssl.org/news/secadv/20160128.txt
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201601-05
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: openssl security update Advisory ID: RHSA-2016:0303-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0303.html Issue date: 2016-03-01 CVE Names: CVE-2015-0293 CVE-2015-3197 CVE-2016-0703 CVE-2016-0704 CVE-2016-0800 =====================================================================
- Summary:
Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.2, 6.4, and 6.5 Advanced Update Support.
Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Server AUS (v. 6.2) - x86_64 Red Hat Enterprise Linux Server AUS (v. 6.4) - x86_64 Red Hat Enterprise Linux Server AUS (v. 6.5) - x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.2) - x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.4) - x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.5) - x86_64
- Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.
A padding oracle flaw was found in the Secure Sockets Layer version 2.0 (SSLv2) protocol. An attacker can potentially use this flaw to decrypt RSA-encrypted cipher text from a connection using a newer SSL/TLS protocol version, allowing them to decrypt such connections. For more information, refer to the knowledge base article linked to in the References section.
It was discovered that the SSLv2 servers using OpenSSL accepted SSLv2 connection handshakes that indicated non-zero clear key length for non-export cipher suites. An attacker could use a SSLv2 server using OpenSSL as a Bleichenbacher oracle.
A denial of service flaw was found in the way OpenSSL handled SSLv2 handshake messages. This could result in weak SSLv2 ciphers being used for SSLv2 connections, making them vulnerable to man-in-the-middle attacks. (CVE-2015-3197)
Red Hat would like to thank the OpenSSL project for reporting these issues. Upstream acknowledges Nimrod Aviram and Sebastian Schinzel as the original reporters of CVE-2016-0800 and CVE-2015-3197; David Adrian (University of Michigan) and J. Alex Halderman (University of Michigan) as the original reporters of CVE-2016-0703 and CVE-2016-0704; and Sean Burford (Google) and Emilia Käsper (OpenSSL development team) as the original reporters of CVE-2015-0293.
All openssl users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1202404 - CVE-2015-0293 openssl: assertion failure in SSLv2 servers 1301846 - CVE-2015-3197 OpenSSL: SSLv2 doesn't block disabled ciphers 1310593 - CVE-2016-0800 SSL/TLS: Cross-protocol attack on TLS using SSLv2 (DROWN) 1310811 - CVE-2016-0703 openssl: Divide-and-conquer session key recovery in SSLv2 1310814 - CVE-2016-0704 openssl: SSLv2 Bleichenbacher protection overwrites wrong bytes for export ciphers
- Package List:
Red Hat Enterprise Linux Server AUS (v. 6.2):
Source: openssl-1.0.0-20.el6_2.8.src.rpm
x86_64: openssl-1.0.0-20.el6_2.8.i686.rpm openssl-1.0.0-20.el6_2.8.x86_64.rpm openssl-debuginfo-1.0.0-20.el6_2.8.i686.rpm openssl-debuginfo-1.0.0-20.el6_2.8.x86_64.rpm openssl-devel-1.0.0-20.el6_2.8.i686.rpm openssl-devel-1.0.0-20.el6_2.8.x86_64.rpm
Red Hat Enterprise Linux Server AUS (v. 6.4):
Source: openssl-1.0.0-27.el6_4.5.src.rpm
x86_64: openssl-1.0.0-27.el6_4.5.i686.rpm openssl-1.0.0-27.el6_4.5.x86_64.rpm openssl-debuginfo-1.0.0-27.el6_4.5.i686.rpm openssl-debuginfo-1.0.0-27.el6_4.5.x86_64.rpm openssl-devel-1.0.0-27.el6_4.5.i686.rpm openssl-devel-1.0.0-27.el6_4.5.x86_64.rpm
Red Hat Enterprise Linux Server AUS (v. 6.5):
Source: openssl-1.0.1e-16.el6_5.16.src.rpm
x86_64: openssl-1.0.1e-16.el6_5.16.i686.rpm openssl-1.0.1e-16.el6_5.16.x86_64.rpm openssl-debuginfo-1.0.1e-16.el6_5.16.i686.rpm openssl-debuginfo-1.0.1e-16.el6_5.16.x86_64.rpm openssl-devel-1.0.1e-16.el6_5.16.i686.rpm openssl-devel-1.0.1e-16.el6_5.16.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 6.2):
Source: openssl-1.0.0-20.el6_2.8.src.rpm
x86_64: openssl-debuginfo-1.0.0-20.el6_2.8.x86_64.rpm openssl-perl-1.0.0-20.el6_2.8.x86_64.rpm openssl-static-1.0.0-20.el6_2.8.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 6.4):
Source: openssl-1.0.0-27.el6_4.5.src.rpm
x86_64: openssl-debuginfo-1.0.0-27.el6_4.5.x86_64.rpm openssl-perl-1.0.0-27.el6_4.5.x86_64.rpm openssl-static-1.0.0-27.el6_4.5.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 6.5):
Source: openssl-1.0.1e-16.el6_5.16.src.rpm
x86_64: openssl-debuginfo-1.0.1e-16.el6_5.16.x86_64.rpm openssl-perl-1.0.1e-16.el6_5.16.x86_64.rpm openssl-static-1.0.1e-16.el6_5.16.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2015-0293 https://access.redhat.com/security/cve/CVE-2015-3197 https://access.redhat.com/security/cve/CVE-2016-0703 https://access.redhat.com/security/cve/CVE-2016-0704 https://access.redhat.com/security/cve/CVE-2016-0800 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/articles/2176731 https://drownattack.com/ https://openssl.org/news/secadv/20160128.txt https://openssl.org/news/secadv/20160301.txt
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFW1cFVXlSAg2UNWIIRAiHFAKCv4By3YintGgRYJJyhA7n3FrUn1wCfZHLr V2xviZUG2H9rWZyjayig0oY= =rw6Q -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "oss support tools",
"scope": "eq",
"trust": 1.6,
"vendor": "oracle",
"version": "8.11.16.3.8"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "eq",
"trust": 1.6,
"vendor": "oracle",
"version": "5.0.16"
},
{
"_id": null,
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 1.3,
"vendor": "oracle",
"version": "8.53"
},
{
"_id": null,
"model": "exalogic infrastructure",
"scope": "eq",
"trust": 1.3,
"vendor": "oracle",
"version": "2.0"
},
{
"_id": null,
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 1.3,
"vendor": "oracle",
"version": "8.54"
},
{
"_id": null,
"model": "exalogic infrastructure",
"scope": "eq",
"trust": 1.3,
"vendor": "oracle",
"version": "1.0"
},
{
"_id": null,
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 1.3,
"vendor": "oracle",
"version": "8.55"
},
{
"_id": null,
"model": "tuxedo",
"scope": "eq",
"trust": 1.3,
"vendor": "oracle",
"version": "12.1.1.0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1p"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1f"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1l"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1d"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1h"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1c"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1j"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2a"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2d"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1o"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1e"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1g"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2b"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2c"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1q"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1a"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2e"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1i"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1k"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1n"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1b"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1m"
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ecsystems nl",
"version": null
},
{
"_id": null,
"model": "communications network charging and control",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.0.2.0"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.3"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2"
},
{
"_id": null,
"model": "wireless ap",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "396510.11.1"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3.0.0"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.2"
},
{
"_id": null,
"model": "registered envelope service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "10.2-release-p8",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "wireless ap",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "382510.1.1"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.3"
},
{
"_id": null,
"model": "proactive network operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.9"
},
{
"_id": null,
"model": "enterprise virtualization",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "project openssl 1.0.1e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.10"
},
{
"_id": null,
"model": "business process manager standard",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5"
},
{
"_id": null,
"model": "primavera p6 enterprise project portfolio management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "15.1"
},
{
"_id": null,
"model": "cognos insight fp if",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.216"
},
{
"_id": null,
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5.1.6"
},
{
"_id": null,
"model": "computer telephony integration object server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5.1.131"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"_id": null,
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4.0.0"
},
{
"_id": null,
"model": "10.1-release-p26",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.2"
},
{
"_id": null,
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.11"
},
{
"_id": null,
"model": "cognos insight fp",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.26"
},
{
"_id": null,
"model": "10.1-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.0"
},
{
"_id": null,
"model": "watson explorer foundational components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.6"
},
{
"_id": null,
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.2"
},
{
"_id": null,
"model": "cloud manager with openstack interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"_id": null,
"model": "business process manager express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.6"
},
{
"_id": null,
"model": "prime license manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.2"
},
{
"_id": null,
"model": "9.3-release-p22",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "10.1-release-p28",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.2"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.4.0"
},
{
"_id": null,
"model": "ons series multiservice provisioning platforms",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.1"
},
{
"_id": null,
"model": "image construction and composition tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.1.0"
},
{
"_id": null,
"model": "asa next-generation firewall services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "9.3-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "opensuse evergreen",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"_id": null,
"model": "infosphere master data management standard/advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.5"
},
{
"_id": null,
"model": "mq light client module for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2014091001"
},
{
"_id": null,
"model": "powerkvm build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.157"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1051.07"
},
{
"_id": null,
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.3"
},
{
"_id": null,
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"_id": null,
"model": "unified series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "78000"
},
{
"_id": null,
"model": "project openssl 1.0.1g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "primavera p6 enterprise project portfolio management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.3"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.4"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.1"
},
{
"_id": null,
"model": "10.1-release-p17",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "cloud manager with openstack interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.5"
},
{
"_id": null,
"model": "project openssl 1.0.1i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.4.2"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0"
},
{
"_id": null,
"model": "wireless ap",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "386510.1.4"
},
{
"_id": null,
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.2"
},
{
"_id": null,
"model": "unified attendant console advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"_id": null,
"model": "10.2-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "10.1-release-p27",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "telepresence tx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"_id": null,
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10000"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "mq light client module for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2014090800"
},
{
"_id": null,
"model": "10.2-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "cloud manager with openstack interix fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"_id": null,
"model": "unified attendant console premium edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "real-time compression appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.2.17"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.7"
},
{
"_id": null,
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "prime optical for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1"
},
{
"_id": null,
"model": "wireless ap",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "380110.1.4"
},
{
"_id": null,
"model": "cognos tm1 interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1.2"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"_id": null,
"model": "wireless ap",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "396510.1.1"
},
{
"_id": null,
"model": "vm server for",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "x863.3"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.0"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.1"
},
{
"_id": null,
"model": "business process manager express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5"
},
{
"_id": null,
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.1"
},
{
"_id": null,
"model": "tivoli provisioning manager for images",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.19"
},
{
"_id": null,
"model": "anyres live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.3"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"_id": null,
"model": "unified attendant console business edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "9.3-release-p36",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "cloud manager with openstack interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.5"
},
{
"_id": null,
"model": "powerkvm sp3",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.14"
},
{
"_id": null,
"model": "wireless ap",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "380510.1.1"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"_id": null,
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.4"
},
{
"_id": null,
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.3"
},
{
"_id": null,
"model": "mds series multilayer switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"_id": null,
"model": "videoscape control suite foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.11"
},
{
"_id": null,
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"_id": null,
"model": "proventia network enterprise scanner",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"_id": null,
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1"
},
{
"_id": null,
"model": "prime collaboration deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "cloud manager with openstack interim fix1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.6"
},
{
"_id": null,
"model": "9.3-release-p35",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "10.2-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.19"
},
{
"_id": null,
"model": "rational developer for i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5.0.1"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "unified computing system b-series servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "rational developer for i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "infosphere master data management provider hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"_id": null,
"model": "watson explorer foundational components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0.0.2"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.20"
},
{
"_id": null,
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3200"
},
{
"_id": null,
"model": "9.3-release-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "10.1-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "rational application developer for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.4"
},
{
"_id": null,
"model": "10.1-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"_id": null,
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "smartcloud entry appliance fixpac",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "wireless ap",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "382510.11.1"
},
{
"_id": null,
"model": "wireless ap",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "386510.1.1"
},
{
"_id": null,
"model": "project openssl 1.0.1f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.13"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.15"
},
{
"_id": null,
"model": "project openssl 1.0.2a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13000"
},
{
"_id": null,
"model": "tivoli provisioning manager for images",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.0"
},
{
"_id": null,
"model": "netezza diagnostics tools",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.1.2"
},
{
"_id": null,
"model": "wireless ap",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "371510.1.1"
},
{
"_id": null,
"model": "powerkvm build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.12"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.2"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"_id": null,
"model": "9.3-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "telepresence system series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"_id": null,
"model": "business process manager standard",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.7"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.1"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.3"
},
{
"_id": null,
"model": "cognos tm1 fix pack",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.26"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.10"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.19"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.2"
},
{
"_id": null,
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.0"
},
{
"_id": null,
"model": "project openssl 1.0.2d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "intrusion prevention system solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.3.2"
},
{
"_id": null,
"model": "rational developer for aix and linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "cloud manager with openstack interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.4"
},
{
"_id": null,
"model": "tivoli provisioning manager for images build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20280.6"
},
{
"_id": null,
"model": "9.3-release-p25",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"_id": null,
"model": "unified attendant console department edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "primavera p6 enterprise project portfolio management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.4"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"_id": null,
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"_id": null,
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"_id": null,
"model": "wireless ap",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "380110.1.1"
},
{
"_id": null,
"model": "primavera p6 enterprise project portfolio management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "15.2"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.10"
},
{
"_id": null,
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.1"
},
{
"_id": null,
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "cloupia unified infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "enterprise session border controller ecz7.3m2p2",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.20"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.12"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"_id": null,
"model": "project openssl 1.0.1n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "infosphere master data management standard/advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0"
},
{
"_id": null,
"model": "project openssl 1.0.1o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.0.0"
},
{
"_id": null,
"model": "project openssl 1.0.2e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.1q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.3"
},
{
"_id": null,
"model": "wireless ap",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "371510.1.4"
},
{
"_id": null,
"model": "wireless ap",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "380110.11.1"
},
{
"_id": null,
"model": "communications network charging and control",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.2.0.0"
},
{
"_id": null,
"model": "infosphere data explorer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"_id": null,
"model": "agent desktop",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.9"
},
{
"_id": null,
"model": "email gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.404"
},
{
"_id": null,
"model": "wireless ap",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "393510.11.1"
},
{
"_id": null,
"model": "9.3-release-p21",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-release-p24",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "webex messenger service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.6"
},
{
"_id": null,
"model": "10.1-release-p19",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "cisco directors and switches with nx-os",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"_id": null,
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6.4"
},
{
"_id": null,
"model": "smartcloud entry appliance fixpac",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.5"
},
{
"_id": null,
"model": "10.1-release-p29",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-release-p13",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "nx-os nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.9"
},
{
"_id": null,
"model": "powerkvm build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.165.6"
},
{
"_id": null,
"model": "mobility services engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89450"
},
{
"_id": null,
"model": "initiate master data service provider hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.10"
},
{
"_id": null,
"model": "smartcloud entry appliance fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.11"
},
{
"_id": null,
"model": "netezza diagnostics tools",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.1.1"
},
{
"_id": null,
"model": "wireless ap",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "382510.1.4"
},
{
"_id": null,
"model": "infosphere master data management standard/advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.3"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1"
},
{
"_id": null,
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "primavera p6 enterprise project portfolio management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "16.1"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.8"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.13"
},
{
"_id": null,
"model": "10.2-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.6"
},
{
"_id": null,
"model": "business process manager express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.7"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5"
},
{
"_id": null,
"model": "mq light client module for node.js 1.0.2014091000-red",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.0.0"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.18"
},
{
"_id": null,
"model": "9.3-release-p33",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.8"
},
{
"_id": null,
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6.2"
},
{
"_id": null,
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.2"
},
{
"_id": null,
"model": "smartcloud entry appliance fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.21"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"_id": null,
"model": "ethernet switch 40g 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "642.0"
},
{
"_id": null,
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11000"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "7"
},
{
"_id": null,
"model": "10.1-release-p25",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "wireless ap",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "393510.1.1"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "ethernet switch 40g 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "722.0"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.6"
},
{
"_id": null,
"model": "rational developer for i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.9"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.7"
},
{
"_id": null,
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.0.2"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.0"
},
{
"_id": null,
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.4"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.6"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.13"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.4"
},
{
"_id": null,
"model": "wireless ap",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "380510.1.4"
},
{
"_id": null,
"model": "project openssl 1.0.1m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "13.1"
},
{
"_id": null,
"model": "expressway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project openssl 1.0.2g",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "cisco directors and switches with nx-os",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.3.1"
},
{
"_id": null,
"model": "project openssl 1.0.2f",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.5"
},
{
"_id": null,
"model": "10.1-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6.5"
},
{
"_id": null,
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.0"
},
{
"_id": null,
"model": "initiate master data service provider hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"_id": null,
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"_id": null,
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.2.2"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"_id": null,
"model": "linux enterprise server sp4 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3x000"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.5"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "nx-os nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"_id": null,
"model": "wireless ap",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "396510.1.4"
},
{
"_id": null,
"model": "project openssl 1.0.1j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "solaris sru",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "11.36.5"
},
{
"_id": null,
"model": "oss support tools oracle explorer",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"_id": null,
"model": "unified attendant console standard",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "rational developer for i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5.0.2"
},
{
"_id": null,
"model": "project openssl 1.0.1d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "wireless ap",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "380510.11.1"
},
{
"_id": null,
"model": "security identity governance and intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"_id": null,
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3100"
},
{
"_id": null,
"model": "9.3-release-p31",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "cloud manager with openstack interim fix1",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.6"
},
{
"_id": null,
"model": "smartcloud entry appliance fixpac",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"_id": null,
"model": "prime performance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "rational developer for aix and linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "5"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20280.6"
},
{
"_id": null,
"model": "sun network 10ge switch 72p",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.2"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.12"
},
{
"_id": null,
"model": "vm server for",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "x863.4"
},
{
"_id": null,
"model": "project openssl 1.0.1r",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "cisco directors and switches with nx-os",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.0.0"
},
{
"_id": null,
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "87107010"
},
{
"_id": null,
"model": "powerkvm build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.13"
},
{
"_id": null,
"model": "tivoli netcool reporter",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"_id": null,
"model": "rational developer for i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"_id": null,
"model": "rational developer for i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1.1"
},
{
"_id": null,
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.5"
},
{
"_id": null,
"model": "10.2-release-p12",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "rational application developer for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"_id": null,
"model": "switch es1-24",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.3"
},
{
"_id": null,
"model": "infosphere data explorer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2-4"
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.3"
},
{
"_id": null,
"model": "powerkvm build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.165.4"
},
{
"_id": null,
"model": "communications network charging and control",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.1.0.0"
},
{
"_id": null,
"model": "10.2-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.14"
},
{
"_id": null,
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.3"
},
{
"_id": null,
"model": "9.3-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.4"
},
{
"_id": null,
"model": "unified intelligent contact management enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.1"
},
{
"_id": null,
"model": "project openssl 1.0.1k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3"
},
{
"_id": null,
"model": "rational developer for aix and linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1.2"
},
{
"_id": null,
"model": "telepresence",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13100"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.2"
},
{
"_id": null,
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.1b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "pureapplication system",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.2.2"
},
{
"_id": null,
"model": "watson explorer foundational components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0.0.0"
},
{
"_id": null,
"model": "powerkvm build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.165.1"
},
{
"_id": null,
"model": "telepresence conductor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "image construction and composition tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.2.0"
},
{
"_id": null,
"model": "series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88000"
},
{
"_id": null,
"model": "smartcloud entry appliance fixpac",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"_id": null,
"model": "project openssl 1.0.1s",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "pureapplication system if",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.0.18"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"_id": null,
"model": "sun blade ethernet switched nem 24p 10ge",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "60001.2"
},
{
"_id": null,
"model": "infosphere master data management standard/advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.4"
},
{
"_id": null,
"model": "cognos tm1 interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.0.2"
},
{
"_id": null,
"model": "10.1-release-p23",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "10.1-release-p16",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "business process manager standard",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.6"
},
{
"_id": null,
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"_id": null,
"model": "unified communications manager session management edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "communications network charging and control",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.0.1.0"
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "9.3-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "powerkvm build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.165.5"
},
{
"_id": null,
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "9.3-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.2c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "mq light client module for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2014090801"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.12"
},
{
"_id": null,
"model": "rational developer for aix and linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1.1"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "powerkvm sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"_id": null,
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-320"
},
{
"_id": null,
"model": "unified attendant console enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.0"
},
{
"_id": null,
"model": "watson explorer foundational components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.0"
},
{
"_id": null,
"model": "project openssl 1.0.2b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "powerkvm build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.165.7"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.1"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.8"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.3.0"
},
{
"_id": null,
"model": "9.3-release-p34",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "emergency responder",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "flex system chassis management module 2pet",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.2"
},
{
"_id": null,
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-370"
},
{
"_id": null,
"model": "jd edwards enterpriseone tools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0.5"
},
{
"_id": null,
"model": "wireless ap",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "371510.11.1"
},
{
"_id": null,
"model": "cloud manager with openstack interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"_id": null,
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"_id": null,
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.3.2"
},
{
"_id": null,
"model": "project openssl 1.0.1l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "im and presence service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.16"
},
{
"_id": null,
"model": "9.3-release-p29",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "extremexos",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "0"
},
{
"_id": null,
"model": "wireless ap",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "386510.11.1"
},
{
"_id": null,
"model": "cognos insight fp if",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.126"
},
{
"_id": null,
"model": "vm server for",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "x863.2"
},
{
"_id": null,
"model": "tivoli provisioning manager for images system edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x7.1.1.0"
},
{
"_id": null,
"model": "unity connection",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "wireless ap",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "393510.1.4"
},
{
"_id": null,
"model": "communications network charging and control",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.4.1.5.0"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"_id": null,
"model": "project openssl 1.0.1h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "powerkvm build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.158"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.1"
},
{
"_id": null,
"model": "project openssl 1.0.1p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#257823"
},
{
"db": "CERT/CC",
"id": "VU#583776"
},
{
"db": "BID",
"id": "82237"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-026"
},
{
"db": "NVD",
"id": "CVE-2015-3197"
}
]
},
"credits": {
"_id": null,
"data": "Nimrod Aviram and Sebastian Schinzel",
"sources": [
{
"db": "BID",
"id": "82237"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-026"
}
],
"trust": 0.9
},
"cve": "CVE-2015-3197",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-3197",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 7.1,
"collateralDamagePotential": "NOT DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "HIGH",
"enviromentalScore": 6.5,
"exploitability": "PROOF-OF-CONCEPT",
"exploitabilityScore": 4.9,
"id": "CVE-2016-0800",
"impactScore": 9.2,
"integrityImpact": "COMPLETE",
"integrityRequirement": "HIGH",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "WORKAROUND",
"reportConfidence": "CONFIRMED",
"severity": "HIGH",
"targetDistribution": "HIGH",
"trust": 0.8,
"userInteractionRequired": null,
"vector_string": "AV:N/AC:H/Au:N/C:C/I:C/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"id": "CVE-2015-3197",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-3197",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2016-0800",
"trust": 0.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201602-026",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2015-3197",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#583776"
},
{
"db": "VULMON",
"id": "CVE-2015-3197"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-026"
},
{
"db": "NVD",
"id": "CVE-2015-3197"
}
]
},
"description": {
"_id": null,
"data": "ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by performing computations on SSLv2 traffic, related to the get_client_master_key and get_client_hello functions. OpenSSL may generate unsafe primes for use in the Diffie-Hellman protocol, which may lead to disclosure of enough information for an attacker to recover the private encryption key. Network traffic encrypted using an RSA-based SSL certificate may be decrypted if enough SSLv2 handshake data can be collected. This is known as the \"DROWN\" attack in the media. OpenSSL is prone to a security-bypass vulnerability. \nSuccessfully exploiting this issue may allow attackers to perform unauthorized actions. This may lead to other attacks. OpenSSL Security Advisory [1st March 2016]\n=========================================\n\nNOTE: With this update, OpenSSL is disabling the SSLv2 protocol by default, as\nwell as removing SSLv2 EXPORT ciphers. We strongly advise against the use of\nSSLv2 due not only to the issues described below, but to the other known\ndeficiencies in the protocol as described at\nhttps://tools.ietf.org/html/rfc6176\n\n\nCross-protocol attack on TLS using SSLv2 (DROWN) (CVE-2016-0800)\n================================================================\n\nSeverity: High\n\nA cross-protocol attack was discovered that could lead to decryption of TLS\nsessions by using a server supporting SSLv2 and EXPORT cipher suites as a\nBleichenbacher RSA padding oracle. Note that traffic between clients and\nnon-vulnerable servers can be decrypted provided another server supporting\nSSLv2 and EXPORT ciphers (even with a different protocol such as SMTP, IMAP or\nPOP) shares the RSA keys of the non-vulnerable server. \n\nRecovering one session key requires the attacker to perform approximately 2^50\ncomputation, as well as thousands of connections to the affected server. A more\nefficient variant of the DROWN attack exists against unpatched OpenSSL servers\nusing versions that predate 1.0.2a, 1.0.1m, 1.0.0r and 0.9.8zf released on\n19/Mar/2015 (see CVE-2016-0703 below). \n\nUsers can avoid this issue by disabling the SSLv2 protocol in all their SSL/TLS\nservers, if they\u0027ve not done so already. Disabling all SSLv2 ciphers is also\nsufficient, provided the patches for CVE-2015-3197 (fixed in OpenSSL 1.0.1r and\n1.0.2f) have been deployed. Servers that have not disabled the SSLv2 protocol,\nand are not patched for CVE-2015-3197 are vulnerable to DROWN even if all SSLv2\nciphers are nominally disabled, because malicious clients can force the use of\nSSLv2 with EXPORT ciphers. \n\nOpenSSL 1.0.2g and 1.0.1s deploy the following mitigation against DROWN:\n\nSSLv2 is now by default disabled at build-time. Builds that are not configured\nwith \"enable-ssl2\" will not support SSLv2. Even if \"enable-ssl2\" is used,\nusers who want to negotiate SSLv2 via the version-flexible SSLv23_method() will\nneed to explicitly call either of:\n\n SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv2);\n or\n SSL_clear_options(ssl, SSL_OP_NO_SSLv2);\n\nas appropriate. Even if either of those is used, or the application explicitly\nuses the version-specific SSLv2_method() or its client or server variants,\nSSLv2 ciphers vulnerable to exhaustive search key recovery have been removed. \nSpecifically, the SSLv2 40-bit EXPORT ciphers, and SSLv2 56-bit DES are no\nlonger available. \n\nIn addition, weak ciphers in SSLv3 and up are now disabled in default builds of\nOpenSSL. Builds that are not configured with \"enable-weak-ssl-ciphers\" will\nnot provide any \"EXPORT\" or \"LOW\" strength ciphers. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2g\nOpenSSL 1.0.1 users should upgrade to 1.0.1s\n\nThis issue was reported to OpenSSL on December 29th 2015 by Nimrod Aviram and\nSebastian Schinzel. The fix was developed by Viktor Dukhovni and Matt Caswell\nof OpenSSL. \n\n\nDouble-free in DSA code (CVE-2016-0705)\n=======================================\n\nSeverity: Low\n\nA double free bug was discovered when OpenSSL parses malformed DSA private keys\nand could lead to a DoS attack or memory corruption for applications that\nreceive DSA private keys from untrusted sources. This scenario is considered\nrare. \n\nThis issue affects OpenSSL versions 1.0.2 and 1.0.1. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2g\nOpenSSL 1.0.1 users should upgrade to 1.0.1s\n\nThis issue was reported to OpenSSL on February 7th 2016 by Adam Langley\n(Google/BoringSSL) using libFuzzer. The fix was developed by Dr Stephen Henson\nof OpenSSL. \n\n\nMemory leak in SRP database lookups (CVE-2016-0798)\n===================================================\n\nSeverity: Low\n\nThe SRP user database lookup method SRP_VBASE_get_by_user had\nconfusing memory management semantics; the returned pointer was sometimes newly\nallocated, and sometimes owned by the callee. The calling code has no way of\ndistinguishing these two cases. \n\nSpecifically, SRP servers that configure a secret seed to hide valid\nlogin information are vulnerable to a memory leak: an attacker\nconnecting with an invalid username can cause a memory leak of around\n300 bytes per connection. Servers that do not configure SRP, or\nconfigure SRP but do not configure a seed are not vulnerable. \n\nIn Apache, the seed directive is known as SSLSRPUnknownUserSeed. \n\nTo mitigate the memory leak, the seed handling in\nSRP_VBASE_get_by_user is now disabled even if the user has configured\na seed. Applications are advised to migrate to\nSRP_VBASE_get1_by_user. However, note that OpenSSL makes no strong\nguarantees about the indistinguishability of valid and invalid\nlogins. In particular, computations are currently not carried out in\nconstant time. \n\nThis issue affects OpenSSL versions 1.0.2 and 1.0.1. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2g\nOpenSSL 1.0.1 users should upgrade to 1.0.1s\n\nThis issue was discovered on February 23rd 2016 by Emilia K\u00e4sper of\nthe OpenSSL development team. Emilia K\u00e4sper also developed the fix. \n\n\nBN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption (CVE-2016-0797)\n======================================================================\n\nSeverity: Low\n\nIn the BN_hex2bn function the number of hex digits is calculated using an int\nvalue |i|. Later |bn_expand| is called with a value of |i * 4|. For large values\nof |i| this can result in |bn_expand| not allocating any memory because |i * 4|\nis negative. This can leave the internal BIGNUM data field as NULL leading to a\nsubsequent NULL ptr deref. For very large values of |i|, the calculation |i * 4|\ncould be a positive value smaller than |i|. In this case memory is allocated to\nthe internal BIGNUM data field, but it is insufficiently sized leading to heap\ncorruption. A similar issue exists in BN_dec2bn. This could have security\nconsequences if BN_hex2bn/BN_dec2bn is ever called by user applications with\nvery large untrusted hex/dec data. This is anticipated to be a rare occurrence. \n\nAll OpenSSL internal usage of these functions use data that is not expected to\nbe untrusted, e.g. config file data or application command line arguments. If\nuser developed applications generate config file data based on untrusted data\nthen it is possible that this could also lead to security consequences. This is\nalso anticipated to be rare. \n\nThis issue affects OpenSSL versions 1.0.2 and 1.0.1. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2g\nOpenSSL 1.0.1 users should upgrade to 1.0.1s\n\nThis issue was reported to OpenSSL on February 19th 2016 by Guido Vranken. The\nfix was developed by Matt Caswell of the OpenSSL development team. \n\nFix memory issues in BIO_*printf functions (CVE-2016-0799)\n==========================================================\n\nSeverity: Low\n\nThe internal |fmtstr| function used in processing a \"%s\" format string in the\nBIO_*printf functions could overflow while calculating the length of a string\nand cause an OOB read when printing very long strings. \n\nAdditionally the internal |doapr_outch| function can attempt to write to an OOB\nmemory location (at an offset from the NULL pointer) in the event of a memory\nallocation failure. In 1.0.2 and below this could be caused where the size of a\nbuffer to be allocated is greater than INT_MAX. E.g. this could be in processing\na very long \"%s\" format string. Memory leaks can also occur. \n\nThe first issue may mask the second issue dependent on compiler behaviour. \nThese problems could enable attacks where large amounts of untrusted data is\npassed to the BIO_*printf functions. If applications use these functions in this\nway then they could be vulnerable. OpenSSL itself uses these functions when\nprinting out human-readable dumps of ASN.1 data. Therefore applications that\nprint this data could be vulnerable if the data is from untrusted sources. \nOpenSSL command line applications could also be vulnerable where they print out\nASN.1 data, or if untrusted data is passed as command line arguments. \n\nLibssl is not considered directly vulnerable. Additionally certificates etc\nreceived via remote connections via libssl are also unlikely to be able to\ntrigger these issues because of message size limits enforced within libssl. \n\nThis issue affects OpenSSL versions 1.0.2 and 1.0.1. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2g\nOpenSSL 1.0.1 users should upgrade to 1.0.1s\n\nThis issue was reported to OpenSSL on February 23rd by Guido Vranken. The\nfix was developed by Matt Caswell of the OpenSSL development team. \n\nSide channel attack on modular exponentiation (CVE-2016-0702)\n=============================================================\n\nSeverity: Low\n\nA side-channel attack was found which makes use of cache-bank conflicts on the\nIntel Sandy-Bridge microarchitecture which could lead to the recovery of RSA\nkeys. The ability to exploit this issue is limited as it relies on an attacker\nwho has control of code in a thread running on the same hyper-threaded core as\nthe victim thread which is performing decryptions. \n\nThis issue affects OpenSSL versions 1.0.2 and 1.0.1. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2g\nOpenSSL 1.0.1 users should upgrade to 1.0.1s\n\nThis issue was reported to OpenSSL on Jan 8th 2016 by Yuval Yarom, The\nUniversity of Adelaide and NICTA, Daniel Genkin, Technion and Tel Aviv\nUniversity, and Nadia Heninger, University of Pennsylvania with more\ninformation at http://cachebleed.info. The fix was developed by Andy Polyakov\nof OpenSSL. \n\n\nDivide-and-conquer session key recovery in SSLv2 (CVE-2016-0703)\n================================================================\n\nSeverity: High\n\nThis issue only affected versions of OpenSSL prior to March 19th 2015 at which\ntime the code was refactored to address vulnerability CVE-2015-0293. \n\ns2_srvr.c did not enforce that clear-key-length is 0 for non-export ciphers. If\nclear-key bytes are present for these ciphers, they *displace* encrypted-key\nbytes. This leads to an efficient divide-and-conquer key recovery attack: if an\neavesdropper has intercepted an SSLv2 handshake, they can use the server as an\noracle to determine the SSLv2 master-key, using only 16 connections to the\nserver and negligible computation. \n\nMore importantly, this leads to a more efficient version of DROWN that is\neffective against non-export ciphersuites, and requires no significant\ncomputation. \n\nThis issue affected OpenSSL versions 1.0.2, 1.0.1l, 1.0.0q, 0.9.8ze and all\nearlier versions. It was fixed in OpenSSL 1.0.2a, 1.0.1m, 1.0.0r and 0.9.8zf\n(released March 19th 2015). \n\nThis issue was reported to OpenSSL on February 10th 2016 by David Adrian and J. \nAlex Halderman of the University of Michigan. The underlying defect had by\nthen already been fixed by Emilia K\u00e4sper of OpenSSL on March 4th 2015. The fix\nfor this issue can be identified by commits ae50d827 (1.0.2a), cd56a08d\n(1.0.1m), 1a08063 (1.0.0r) and 65c588c (0.9.8zf). \n\n\nBleichenbacher oracle in SSLv2 (CVE-2016-0704)\n==============================================\n\nSeverity: Moderate\n\nThis issue only affected versions of OpenSSL prior to March 19th 2015 at which\ntime the code was refactored to address the vulnerability CVE-2015-0293. \n\ns2_srvr.c overwrite the wrong bytes in the master-key when applying\nBleichenbacher protection for export cipher suites. This provides a\nBleichenbacher oracle, and could potentially allow more efficient variants of\nthe DROWN attack. \n\nThis issue affected OpenSSL versions 1.0.2, 1.0.1l, 1.0.0q, 0.9.8ze and all\nearlier versions. It was fixed in OpenSSL 1.0.2a, 1.0.1m, 1.0.0r and 0.9.8zf\n(released March 19th 2015). \n\nThis issue was reported to OpenSSL on February 10th 2016 by David Adrian and J. \nAlex Halderman of the University of Michigan. The underlying defect had by\nthen already been fixed by Emilia K\u00e4sper of OpenSSL on March 4th 2015. The fix\nfor this issue can be identified by commits ae50d827 (1.0.2a), cd56a08d\n(1.0.1m), 1a08063 (1.0.0r) and 65c588c (0.9.8zf). \n\nNote\n====\n\nAs per our previous announcements and our Release Strategy\n(https://www.openssl.org/policies/releasestrat.html), support for OpenSSL\nversion 1.0.1 will cease on 31st December 2016. No security updates for that\nversion will be provided after that date. Users of 1.0.1 are advised to\nupgrade. \n\nSupport for versions 0.9.8 and 1.0.0 ended on 31st December 2015. Those\nversions are no longer receiving security updates. \n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv/20160301.txt\n\nNote: the online version of the advisory may be updated with additional details\nover time. \n\nFor details of OpenSSL severity classifications please see:\nhttps://www.openssl.org/policies/secpolicy.html\n. Description:\n\nRed Hat JBoss Web Server is a fully integrated and certified set of\ncomponents for hosting Java web applications. It is comprised of the\nApache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat\nConnector(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and\nthe Tomcat Native library. Relevant releases/architectures:\n\nRHEL 7-based RHEV-H - noarch\nRHEV Hypervisor for RHEL-6 - noarch\n\n3. The Red Hat Enterprise \nVirtualization Hypervisor is a dedicated Kernel-based Virtual Machine \n(KVM) hypervisor. \n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available \nfor the Intel 64 and AMD64 architectures with virtualization \nextensions. An \nattacker could create specially crafted DSA private keys that, when \nprocessed by an application compiled against OpenSSL, could cause \nthe application to crash. (CVE-2016-0705)\n\nAn integer overflow flaw, leading to a NULL pointer dereference or a\nheap-based memory corruption, was found in the way some BIGNUM \nfunctions of OpenSSL were implemented. Applications that use these \nfunctions with large untrusted input could crash or, potentially, \nexecute arbitrary code. \n\nChanges to the rhev-hypervisor component:\n\n* Previously, a race between services during boot prevented network \nconfiguration from upgrading correctly. The risk for the race has \nnow been reduced significantly to allow the upgrade of the network \nconfiguration to complete correctly. (BZ#1194068)\n\n* Previously, using the text user interface (TUI) to log in to the \nadministrator account of Red Hat Enterprise Virtualization \nHypervisor failed with a Python backtrace. This update makes the \n\"six\" module correctly importable under all circumstances, which \nensures that logging in to Red Hat Enterprise Virtualization \nHypervisor using TUI proceeds as expected. (BZ#1246836)\n\n4. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05390893\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c05390893\nVersion: 1\n\nHPESBHF03703 rev.1 - HPE Network Products including Comware v7 and VCX using\nOpenSSL, Remote Unauthorized Disclosure of Information\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. The vulnerabilities could be\nremotely exploited resulting in disclosure of information. \n\nReferences:\n\n - CVE-2015-3197 - OpenSSL, Remote unauthorized disclosure of information\n - CVE-2016-0701 - OpenSSL, Remote unauthorized disclosure of information\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. Please\nrefer to the RESOLUTION below for a list of updated products. Please refer to the RESOLUTION below for a list of updated\nproducts. \n\nBACKGROUND\n\n CVSS Base Metrics\n =================\n Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector\n\n CVE-2015-3197\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\n 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n CVE-2016-0701\n 3.7 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N\n 2.6 (AV:N/AC:H/Au:N/C:P/I:N/A:N)\n\n Information on CVSS is documented in\n HPE Customer Notice HPSN-2008-002 here:\n\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499\n\nRESOLUTION\n\nHPE has made the following software updates to resolve the vulnerability in\nthe Comware v7 and VCX products. \n\n**COMWARE 7 Products**\n\n + **12500 (Comware 7) - Version: R7377P01**\n * HP Network Products\n - JC072B HP 12500 Main Processing Unit\n - JC085A HP A12518 Switch Chassis\n - JC086A HP A12508 Switch Chassis\n - JC652A HP 12508 DC Switch Chassis\n - JC653A HP 12518 DC Switch Chassis\n - JC654A HP 12504 AC Switch Chassis\n - JC655A HP 12504 DC Switch Chassis\n - JF430A HP A12518 Switch Chassis\n - JF430B HP 12518 Switch Chassis\n - JF430C HP 12518 AC Switch Chassis\n - JF431A HP A12508 Switch Chassis\n - JF431B HP 12508 Switch Chassis\n - JF431C HP 12508 AC Switch Chassis\n - JG497A HP 12500 MPU w/Comware V7 OS\n - JG782A HP FF 12508E AC Switch Chassis\n - JG783A HP FF 12508E DC Switch Chassis\n - JG784A HP FF 12518E AC Switch Chassis\n - JG785A HP FF 12518E DC Switch Chassis\n - JG802A HP FF 12500E MPU\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **10500 (Comware 7) - Version: R7183**\n * HP Network Products\n - JC611A HP 10508-V Switch Chassis\n - JC612A HP 10508 Switch Chassis\n - JC613A HP 10504 Switch Chassis\n - JC748A HP 10512 Switch Chassis\n - JG608A HP FlexFabric 11908-V Switch Chassis\n - JG609A HP FlexFabric 11900 Main Processing Unit\n - JG820A HP 10504 TAA Switch Chassis\n - JG821A HP 10508 TAA Switch Chassis\n - JG822A HP 10508-V TAA Switch Chassis\n - JG823A HP 10512 TAA Switch Chassis\n - JG496A HP 10500 Type A MPU w/Comware v7 OS\n - JH198A HP 10500 Type D Main Processing Unit with Comware v7 Operating\nSystem\n - JH206A HP 10500 Type D TAA-compliant with Comware v7 Operating System\nMain Processing Unit\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **12900 (Comware 7) - Version: R1150**\n * HP Network Products\n - JG619A HP FlexFabric 12910 Switch AC Chassis\n - JG621A HP FlexFabric 12910 Main Processing Unit\n - JG632A HP FlexFabric 12916 Switch AC Chassis\n - JG634A HP FlexFabric 12916 Main Processing Unit\n - JH104A HP FlexFabric 12900E Main Processing Unit\n - JH114A HP FlexFabric 12910 TAA-compliant Main Processing Unit\n - JH263A HP FlexFabric 12904E Main Processing Unit\n - JH255A HP FlexFabric 12908E Switch Chassis\n - JH262A HP FlexFabric 12904E Switch Chassis\n - JH113A HP FlexFabric 12910 TAA-compliant Switch AC Chassis\n - JH103A HP FlexFabric 12916E Switch Chassis\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **5900 (Comware 7) - Version: R2432P01**\n * HP Network Products\n - JC772A HP 5900AF-48XG-4QSFP+ Switch\n - JG296A HP 5920AF-24XG Switch\n - JG336A HP 5900AF-48XGT-4QSFP+ Switch\n - JG510A HP 5900AF-48G-4XG-2QSFP+ Switch\n - JG554A HP 5900AF-48XG-4QSFP+ TAA Switch\n - JG555A HP 5920AF-24XG TAA Switch\n - JG838A HP FF 5900CP-48XG-4QSFP+ Switch\n - JH036A HP FlexFabric 5900CP 48XG 4QSFP+ TAA-Compliant\n - JH037A HP 5900AF 48XGT 4QSFP+ TAA-Compliant Switch\n - JH038A HP 5900AF 48G 4XG 2QSFP+ TAA-Compliant\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **MSR1000 (Comware 7) - Version: R0306P30**\n * HP Network Products\n - JG875A HP MSR1002-4 AC Router\n - JH060A HP MSR1003-8S AC Router\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **MSR2000 (Comware 7) - Version: R0306P30**\n * HP Network Products\n - JG411A HP MSR2003 AC Router\n - JG734A HP MSR2004-24 AC Router\n - JG735A HP MSR2004-48 Router\n - JG866A HP MSR2003 TAA-compliant AC Router\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **MSR3000 (Comware 7) - Version: R0306P30**\n * HP Network Products\n - JG404A HP MSR3064 Router\n - JG405A HP MSR3044 Router\n - JG406A HP MSR3024 AC Router\n - JG409A HP MSR3012 AC Router\n - JG409B HPE MSR3012 AC Router\n - JG861A HP MSR3024 TAA-compliant AC Router\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **MSR4000 (Comware 7) - Version: R0306P30**\n * HP Network Products\n - JG402A HP MSR4080 Router Chassis\n - JG403A HP MSR4060 Router Chassis\n - JG412A HP MSR4000 MPU-100 Main Processing Unit\n - JG869A HP MSR4000 TAA-compliant MPU-100 Main Processing Unit\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **MSR95X - Version: R0306P30**\n * HP Network Products\n - JH296A HPE MSR954 1GbE SFP 2GbE-WAN 4GbE-LAN CWv7 Router\n - JH297A HPE MSR954-W 1GbE SFP (WW) 2GbE-WAN 4GbE-LAN Wireless 802.11n\nCWv7 Router\n - JH298A HPE MSR954-W 1GbE SFP LTE (AM) 2GbE-WAN 4GbE-LAN Wireless\n802.11n CWv7 Router\n - JH299A HPE MSR954-W 1GbE SFP LTE (WW) 2GbE-WAN 4GbE-LAN Wireless\n802.11n CWv7 Router\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **VSR (Comware 7) - Version: E0322P01**\n * HP Network Products\n - JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation\nSoftware\n - JG811AAE HP VSR1001 Comware 7 Virtual Services Router\n - JG812AAE HP VSR1004 Comware 7 Virtual Services Router\n - JG813AAE HP VSR1008 Comware 7 Virtual Services Router\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **7900 (Comware 7) - Version: R2150**\n * HP Network Products\n - JG682A HP FlexFabric 7904 Switch Chassis\n - JG841A HP FlexFabric 7910 Switch Chassis\n - JG842A HP FlexFabric 7910 7.2Tbps Fabric / Main Processing Unit\n - JH001A HP FlexFabric 7910 2.4Tbps Fabric / Main Processing Unit\n - JH122A HP FlexFabric 7904 TAA-compliant Switch Chassis\n - JH123A HP FlexFabric 7910 TAA-compliant Switch Chassis\n - JH124A HP FlexFabric 7910 7.2Tbps TAA-compliant Fabric/Main\nProcessing Unit\n - JH125A HP FlexFabric 7910 2.4Tbps TAA-compliant Fabric/Main\nProcessing Unit\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **5130EI (Comware 7) - Version: R3113P02**\n * HP Network Products\n - JG932A HP 5130-24G-4SFP+ EI Switch\n - JG933A HP 5130-24G-SFP-4SFP+ EI Switch\n - JG934A HP 5130-48G-4SFP+ EI Switch\n - JG936A HP 5130-24G-PoE+-4SFP+ (370W) EI Switch\n - JG937A HP 5130-48G-PoE+-4SFP+ (370W) EI Switch\n - JG938A HP 5130-24G-2SFP+-2XGT EI Switch\n - JG939A HP 5130-48G-2SFP+-2XGT EI Switch\n - JG940A HP 5130-24G-PoE+-2SFP+-2XGT (370W) EI Switch\n - JG941A HP 5130-48G-PoE+-2SFP+-2XGT (370W) EI Switch\n - JG975A HP 5130-24G-4SFP+ EI Brazil Switch\n - JG976A HP 5130-48G-4SFP+ EI Brazil Switch\n - JG977A HP 5130-24G-PoE+-4SFP+ (370W) EI Brazil Switch\n - JG978A HP 5130-48G-PoE+-4SFP+ (370W) EI Brazil Switch\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **6125XLG - Version: R2432P01**\n * HP Network Products\n - 711307-B21 HP 6125XLG Blade Switch\n - 737230-B21 HP 6125XLG Blade Switch with TAA\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **6127XLG - Version: R2432P01**\n * HP Network Products\n - 787635-B21 HP 6127XLG Blade Switch Opt Kit\n - 787635-B22 HP 6127XLG Blade Switch with TAA\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **Moonshot - Version: R2432P01**\n * HP Network Products\n - 786617-B21 - HP Moonshot-45Gc Switch Module\n - 704654-B21 - HP Moonshot-45XGc Switch Module\n - 786619-B21 - HP Moonshot-180XGc Switch Module\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **5700 (Comware 7) - Version: R2432P01**\n * HP Network Products\n - JG894A HP FlexFabric 5700-48G-4XG-2QSFP+ Switch\n - JG895A HP FlexFabric 5700-48G-4XG-2QSFP+ TAA-compliant Switch\n - JG896A HP FlexFabric 5700-40XG-2QSFP+ Switch\n - JG897A HP FlexFabric 5700-40XG-2QSFP+ TAA-compliant Switch\n - JG898A HP FlexFabric 5700-32XGT-8XG-2QSFP+ Switch\n - JG899A HP FlexFabric 5700-32XGT-8XG-2QSFP+ TAA-compliant Switch\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **5930 (Comware 7) - Version: R2432P01**\n * HP Network Products\n - JG726A HP FlexFabric 5930 32QSFP+ Switch\n - JG727A HP FlexFabric 5930 32QSFP+ TAA-compliant Switch\n - JH178A HP FlexFabric 5930 2QSFP+ 2-slot Switch\n - JH179A HP FlexFabric 5930 4-slot Switch\n - JH187A HP FlexFabric 5930 2QSFP+ 2-slot TAA-compliant Switch\n - JH188A HP FlexFabric 5930 4-slot TAA-compliant Switch\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **1950 (Comware 7) - Version: R3113P02**\n * HP Network Products\n - JG960A HP 1950-24G-4XG Switch\n - JG961A HP 1950-48G-2SFP+-2XGT Switch\n - JG962A HP 1950-24G-2SFP+-2XGT-PoE+(370W) Switch\n - JG963A HP 1950-48G-2SFP+-2XGT-PoE+(370W) Switch\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **7500 (Comware 7) - Version: R7183**\n * HP Network Products\n - JD238C HP 7510 Switch Chassis\n - JD239C HP 7506 Switch Chassis\n - JD240C HP 7503 Switch Chassis\n - JD242C HP 7502 Switch Chassis\n - JH207A HP 7500 1.2Tbps Fabric with 2-port 40GbE QSFP+ for IRF-Only\nMain Processing Unit\n - JH208A HP 7502 Main Processing Unit\n - JH209A HP 7500 2.4Tbps Fabric with 8-port 1/10GbE SFP+ and 2-port\n40GbE QSFP+ Main Processing Unit\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **5130HI - Version: R1120P07**\n * HP Network Products\n - JH323A HPE 5130 24G 4SFP+ 1-slot HI Switch\n - JH324A HPE 5130 48G 4SFP+ 1-slot HI Switch\n - JH325A HPE 5130 24G PoE+ 4SFP+ 1-slot HI Switch\n - JH326A HPE 5130 48G PoE+ 4SFP+ 1-slot HI Switch\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **5510HI - Version: R1120P07**\n * HP Network Products\n - JH145A HPE 5510 24G 4SFP+ HI 1-slot Switch\n - JH146A HPE 5510 48G 4SFP+ HI 1-slot Switch\n - JH147A HPE 5510 24G PoE+ 4SFP+ HI 1-slot Switch\n - JH148A HPE 5510 48G PoE+ 4SFP+ HI 1-slot Switch\n - JH149A HPE 5510 24G SFP 4SFP+ HI 1-slot Switch\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **VCX - Version: 9.8.19**\n * HP Network Products\n - J9672A HP VCX V7205 Platform w/ DL360 G7 Srvr\n - J9668A HP VCX IPC V7005 Pltfrm w/ DL120 G6 Srvr\n - JC517A HP VCX V7205 Platform w/DL 360 G6 Server\n - JE355A HP VCX V6000 Branch Platform 9.0\n - JC516A HP VCX V7005 Platform w/DL 120 G6 Server\n - JC518A HP VCX Connect 200 Primry 120 G6 Server\n - J9669A HP VCX IPC V7310 Pltfrm w/ DL360 G7 Srvr\n - JE341A HP VCX Connect 100 Secondary\n - JE252A HP VCX Connect Primary MIM Module\n - JE253A HP VCX Connect Secondary MIM Module\n - JE254A HP VCX Branch MIM Module\n - JE355A HP VCX V6000 Branch Platform 9.0\n - JD028A HP MS30-40 RTR w/VCX + T1/FXO/FXS/Mod\n - JD023A HP MSR30-40 Router with VCX MIM Module\n - JD024A HP MSR30-16 RTR w/VCX Ent Br Com MIM\n - JD025A HP MSR30-16 RTR w/VCX + 4FXO/2FXS Mod\n - JD026A HP MSR30-16 RTR w/VCX + 8FXO/4FXS Mod\n - JD027A HP MSR30-16 RTR w/VCX + 8BRI/4FXS Mod\n - JD029A HP MSR30-16 RTR w/VCX + E1/4BRI/4FXS\n - JE340A HP VCX Connect 100 Pri Server 9.0\n - JE342A HP VCX Connect 100 Sec Server 9.0\n * CVEs\n - CVE-2015-3197\n \n **Note:** Please contact HPE Technical Support if any assistance is needed\nacquiring the software updates. \n\nHISTORY\nVersion:1 (rev.1) - 14 February 2017 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running Hewlett Packard Enterprise (HPE) software\nproducts should be applied in accordance with the customer\u0027s patch management\npolicy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HPE Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hpe.com. \n\nReport: To report a potential security vulnerability for any HPE supported\nproduct:\n Web form: https://www.hpe.com/info/report-security-vulnerability\n Email: security-alert@hpe.com\n\nSubscribe: To initiate a subscription to receive future HPE Security Bulletin\nalerts via Email: http://www.hpe.com/support/Subscriber_Choice\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here: http://www.hpe.com/support/Security_Bulletin_Archive\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HPE General Software\nHF = HPE Hardware and Firmware\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPV = ProCurve\nST = Storage Software\nUX = HP-UX\n\nCopyright 2016 Hewlett Packard Enterprise\n\nHewlett Packard Enterprise shall not be liable for technical or editorial\nerrors or omissions contained herein. The information provided is provided\n\"as is\" without warranty of any kind. To the extent permitted by law, neither\nHP or its affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. Hewlett\nPackard Enterprise and the names of Hewlett Packard Enterprise products\nreferenced herein are trademarks of Hewlett Packard Enterprise in the United\nStates and other countries. Other product and company names mentioned herein\nmay be trademarks of their respective owners. 5.9 server) - i386, ia64, x86_64\n\n3. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201601-05\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: OpenSSL: Multiple vulnerabilities\n Date: January 29, 2016\n Bugs: #572854\n ID: 201601-05\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in OpenSSL, allowing remote\nattackers to disclose sensitive information and complete weak\nhandshakes. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-libs/openssl \u003c 1.0.2f \u003e= 1.0.2f\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in OpenSSL. Please review\nthe upstream advisory and CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attacker could disclose a server\u0027s private DH exponent, or\ncomplete SSLv2 handshakes using ciphers that have been disabled on the\nserver. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-1.0.2f\"\n\nReferences\n==========\n\n[ 1 ] CVE-2015-3197\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3197\n[ 2 ] CVE-2016-0701\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0701\n[ 3 ] OpenSSL Security Advisory [28th Jan 2016]\n http://openssl.org/news/secadv/20160128.txt\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201601-05\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: openssl security update\nAdvisory ID: RHSA-2016:0303-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0303.html\nIssue date: 2016-03-01\nCVE Names: CVE-2015-0293 CVE-2015-3197 CVE-2016-0703 \n CVE-2016-0704 CVE-2016-0800 \n=====================================================================\n\n1. Summary:\n\nUpdated openssl packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6.2, 6.4, and 6.5 Advanced Update\nSupport. \n\nRed Hat Product Security has rated this update as having Important security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Server AUS (v. 6.2) - x86_64\nRed Hat Enterprise Linux Server AUS (v. 6.4) - x86_64\nRed Hat Enterprise Linux Server AUS (v. 6.5) - x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 6.2) - x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 6.4) - x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 6.5) - x86_64\n\n3. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library. \n\nA padding oracle flaw was found in the Secure Sockets Layer version 2.0\n(SSLv2) protocol. An attacker can potentially use this flaw to decrypt\nRSA-encrypted cipher text from a connection using a newer SSL/TLS protocol\nversion, allowing them to decrypt such connections. For more information, refer to the knowledge base\narticle linked to in the References section. \n\nIt was discovered that the SSLv2 servers using OpenSSL accepted SSLv2\nconnection handshakes that indicated non-zero clear key length for\nnon-export cipher suites. An attacker could use a SSLv2 server using OpenSSL as a \nBleichenbacher oracle. \n\nA denial of service flaw was found in the way OpenSSL handled SSLv2\nhandshake messages. This could result in weak\nSSLv2 ciphers being used for SSLv2 connections, making them vulnerable to\nman-in-the-middle attacks. (CVE-2015-3197)\n\nRed Hat would like to thank the OpenSSL project for reporting these issues. \nUpstream acknowledges Nimrod Aviram and Sebastian Schinzel as the original\nreporters of CVE-2016-0800 and CVE-2015-3197; David Adrian (University of\nMichigan) and J. Alex Halderman (University of Michigan) as the original\nreporters of CVE-2016-0703 and CVE-2016-0704; and Sean Burford (Google) and\nEmilia K\u00e4sper (OpenSSL development team) as the original reporters of\nCVE-2015-0293. \n\nAll openssl users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. For the update to take\neffect, all services linked to the OpenSSL library must be restarted, or\nthe system rebooted. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1202404 - CVE-2015-0293 openssl: assertion failure in SSLv2 servers\n1301846 - CVE-2015-3197 OpenSSL: SSLv2 doesn\u0027t block disabled ciphers\n1310593 - CVE-2016-0800 SSL/TLS: Cross-protocol attack on TLS using SSLv2 (DROWN)\n1310811 - CVE-2016-0703 openssl: Divide-and-conquer session key recovery in SSLv2\n1310814 - CVE-2016-0704 openssl: SSLv2 Bleichenbacher protection overwrites wrong bytes for export ciphers\n\n6. Package List:\n\nRed Hat Enterprise Linux Server AUS (v. 6.2):\n\nSource:\nopenssl-1.0.0-20.el6_2.8.src.rpm\n\nx86_64:\nopenssl-1.0.0-20.el6_2.8.i686.rpm\nopenssl-1.0.0-20.el6_2.8.x86_64.rpm\nopenssl-debuginfo-1.0.0-20.el6_2.8.i686.rpm\nopenssl-debuginfo-1.0.0-20.el6_2.8.x86_64.rpm\nopenssl-devel-1.0.0-20.el6_2.8.i686.rpm\nopenssl-devel-1.0.0-20.el6_2.8.x86_64.rpm\n\nRed Hat Enterprise Linux Server AUS (v. 6.4):\n\nSource:\nopenssl-1.0.0-27.el6_4.5.src.rpm\n\nx86_64:\nopenssl-1.0.0-27.el6_4.5.i686.rpm\nopenssl-1.0.0-27.el6_4.5.x86_64.rpm\nopenssl-debuginfo-1.0.0-27.el6_4.5.i686.rpm\nopenssl-debuginfo-1.0.0-27.el6_4.5.x86_64.rpm\nopenssl-devel-1.0.0-27.el6_4.5.i686.rpm\nopenssl-devel-1.0.0-27.el6_4.5.x86_64.rpm\n\nRed Hat Enterprise Linux Server AUS (v. 6.5):\n\nSource:\nopenssl-1.0.1e-16.el6_5.16.src.rpm\n\nx86_64:\nopenssl-1.0.1e-16.el6_5.16.i686.rpm\nopenssl-1.0.1e-16.el6_5.16.x86_64.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.16.i686.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.16.x86_64.rpm\nopenssl-devel-1.0.1e-16.el6_5.16.i686.rpm\nopenssl-devel-1.0.1e-16.el6_5.16.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 6.2):\n\nSource:\nopenssl-1.0.0-20.el6_2.8.src.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.0-20.el6_2.8.x86_64.rpm\nopenssl-perl-1.0.0-20.el6_2.8.x86_64.rpm\nopenssl-static-1.0.0-20.el6_2.8.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 6.4):\n\nSource:\nopenssl-1.0.0-27.el6_4.5.src.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.0-27.el6_4.5.x86_64.rpm\nopenssl-perl-1.0.0-27.el6_4.5.x86_64.rpm\nopenssl-static-1.0.0-27.el6_4.5.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 6.5):\n\nSource:\nopenssl-1.0.1e-16.el6_5.16.src.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-16.el6_5.16.x86_64.rpm\nopenssl-perl-1.0.1e-16.el6_5.16.x86_64.rpm\nopenssl-static-1.0.1e-16.el6_5.16.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2015-0293\nhttps://access.redhat.com/security/cve/CVE-2015-3197\nhttps://access.redhat.com/security/cve/CVE-2016-0703\nhttps://access.redhat.com/security/cve/CVE-2016-0704\nhttps://access.redhat.com/security/cve/CVE-2016-0800\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/articles/2176731\nhttps://drownattack.com/\nhttps://openssl.org/news/secadv/20160128.txt\nhttps://openssl.org/news/secadv/20160301.txt\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFW1cFVXlSAg2UNWIIRAiHFAKCv4By3YintGgRYJJyhA7n3FrUn1wCfZHLr\nV2xviZUG2H9rWZyjayig0oY=\n=rw6Q\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3197"
},
{
"db": "CERT/CC",
"id": "VU#257823"
},
{
"db": "CERT/CC",
"id": "VU#583776"
},
{
"db": "BID",
"id": "82237"
},
{
"db": "VULMON",
"id": "CVE-2015-3197"
},
{
"db": "PACKETSTORM",
"id": "169660"
},
{
"db": "PACKETSTORM",
"id": "136213"
},
{
"db": "PACKETSTORM",
"id": "136151"
},
{
"db": "PACKETSTORM",
"id": "141101"
},
{
"db": "PACKETSTORM",
"id": "136032"
},
{
"db": "PACKETSTORM",
"id": "135515"
},
{
"db": "PACKETSTORM",
"id": "136031"
},
{
"db": "PACKETSTORM",
"id": "136034"
},
{
"db": "PACKETSTORM",
"id": "136030"
}
],
"trust": 3.51
},
"exploit_availability": {
"_id": null,
"data": [
{
"reference": "https://www.kb.cert.org/vuls/id/583776",
"trust": 0.8,
"type": "poc"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#583776"
}
]
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2015-3197",
"trust": 2.9
},
{
"db": "CERT/CC",
"id": "VU#257823",
"trust": 2.8
},
{
"db": "BID",
"id": "82237",
"trust": 2.0
},
{
"db": "SIEMENS",
"id": "SSA-412672",
"trust": 1.7
},
{
"db": "BID",
"id": "91787",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1034849",
"trust": 1.7
},
{
"db": "JUNIPER",
"id": "JSA10759",
"trust": 1.7
},
{
"db": "CERT/CC",
"id": "VU#583776",
"trust": 1.1
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201602-026",
"trust": 0.6
},
{
"db": "MCAFEE",
"id": "SB10203",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-22-349-21",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-3197",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169660",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136213",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136151",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "141101",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136032",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135515",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136031",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136034",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136030",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#257823"
},
{
"db": "CERT/CC",
"id": "VU#583776"
},
{
"db": "VULMON",
"id": "CVE-2015-3197"
},
{
"db": "BID",
"id": "82237"
},
{
"db": "PACKETSTORM",
"id": "169660"
},
{
"db": "PACKETSTORM",
"id": "136213"
},
{
"db": "PACKETSTORM",
"id": "136151"
},
{
"db": "PACKETSTORM",
"id": "141101"
},
{
"db": "PACKETSTORM",
"id": "136032"
},
{
"db": "PACKETSTORM",
"id": "135515"
},
{
"db": "PACKETSTORM",
"id": "136031"
},
{
"db": "PACKETSTORM",
"id": "136034"
},
{
"db": "PACKETSTORM",
"id": "136030"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-026"
},
{
"db": "NVD",
"id": "CVE-2015-3197"
}
]
},
"id": "VAR-201602-0272",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4889322099999999
},
"last_update_date": "2026-04-10T22:35:14.450000Z",
"patch": {
"_id": null,
"data": [
{
"title": "OpenSSL Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=60033"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2016/01/29/openssl_patch_quashes_rare_https_nasty_shores_up_crypto_chops/"
},
{
"title": "Red Hat: CVE-2015-3197",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2015-3197"
},
{
"title": "Cisco: Multiple Vulnerabilities in OpenSSL (January 2016) Affecting Cisco Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20160129-openssl"
},
{
"title": "Amazon Linux AMI: ALAS-2016-682",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2016-682"
},
{
"title": "Symantec Security Advisories: SA111 : OpenSSL Vulnerabilities 28-Jan-2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=83d562565218abbdbef42ef8962d127b"
},
{
"title": "Amazon Linux AMI: ALAS-2016-661",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2016-661"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - January 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=eb439566c9130adc92d21bc093204cf8"
},
{
"title": "Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins\u0026qid=6c15273f6bf4a785175f27073b98a1ce"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - January 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=8ad80411af3e936eb2998df70506cc71"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=05aabe19d38058b7814ef5514aab4c0c"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=2f446a7e1ea263c0c3a365776c6713f2"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=122319027ae43d6d626710f1b1bb1d43"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=3a04485ebb79f7fbc2472bf9af5ce489"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Live-Hack-CVE/CVE-2015-3197 "
},
{
"title": "changelog",
"trust": 0.1,
"url": "https://github.com/halon/changelog "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/imhunterand/hackerone-publicy-disclosed "
},
{
"title": "satellite-host-cve",
"trust": 0.1,
"url": "https://github.com/RedHatSatellite/satellite-host-cve "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-3197"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-026"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-200",
"trust": 1.0
},
{
"problemtype": "CWE-310",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3197"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.1,
"url": "https://www.kb.cert.org/vuls/id/257823"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"trust": 1.8,
"url": "https://security.gentoo.org/glsa/201601-05"
},
{
"trust": 1.7,
"url": "http://www.openssl.org/news/secadv/20160128.txt"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/91787"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/82237"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00003.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00010.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00007.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00009.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00001.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00017.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00004.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00025.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00002.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00006.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00038.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00012.html"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
},
{
"trust": 1.7,
"url": "https://security.freebsd.org/advisories/freebsd-sa-16:11.openssl.asc"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"trust": 1.7,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03724en_us"
},
{
"trust": 1.7,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05390893"
},
{
"trust": 1.7,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10759"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1034849"
},
{
"trust": 1.7,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-january/176373.html"
},
{
"trust": 1.4,
"url": "https://mta.openssl.org/pipermail/openssl-announce/2016-january/000061.html"
},
{
"trust": 1.1,
"url": "https://www.openssl.org/news/vulnerabilities.html#y2016"
},
{
"trust": 1.1,
"url": "https://git.openssl.org/?p=openssl.git%3ba=commit%3bh=d81a1600588b726c2bdccda7efad3cc7a87d6245"
},
{
"trust": 0.9,
"url": "https://www.openssl.org/news/secadv/20160301.txt"
},
{
"trust": 0.9,
"url": "https://tools.ietf.org/html/rfc6176"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3197"
},
{
"trust": 0.8,
"url": "http://intothesymmetry.blogspot.com/2016/01/openssl-key-recovery-attack-on-dh-small.html"
},
{
"trust": 0.8,
"url": "http://tools.ietf.org/html/rfc5114"
},
{
"trust": 0.8,
"url": "http://webstore.ansi.org/recorddetail.aspx?sku=ansi+x9.42-2003+%28r2013%29"
},
{
"trust": 0.8,
"url": "http://drownattack.com"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/cve/cve-2015-3197"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0800"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.6,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2016-0800"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.6,
"url": "https://git.openssl.org/?p=openssl.git;a=commit;h=d81a1600588b726c2bdccda7efad3cc7a87d6245"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0293"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.5,
"url": "https://openssl.org/news/secadv/20160128.txt"
},
{
"trust": 0.4,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0303.html"
},
{
"trust": 0.4,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0379.html"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0704"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0703"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2015-0293"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/articles/2176731"
},
{
"trust": 0.4,
"url": "https://openssl.org/news/secadv/20160301.txt"
},
{
"trust": 0.4,
"url": "https://drownattack.com/"
},
{
"trust": 0.3,
"url": "http://openssl.org/"
},
{
"trust": 0.3,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160129-openssl"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html"
},
{
"trust": 0.3,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10203"
},
{
"trust": 0.3,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory17.asc"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1023433"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1023836"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1023987"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5099307"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1021143"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1021265"
},
{
"trust": 0.3,
"url": "https://www.freebsd.org/security/advisories/freebsd-sa-16:11.openssl.asc"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024066"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005820"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1009610"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976345"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976356"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977014"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977018"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977144"
},
{
"trust": 0.3,
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21978361"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21978438"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21978941"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21979086"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21979209"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21980207"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21980965"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21980969"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21981438"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21982099"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21982336"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21982697"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984601"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21985213"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21985698"
},
{
"trust": 0.3,
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21987174"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21987175"
},
{
"trust": 0.3,
"url": "https://gtacknowledge.extremenetworks.com/articles/vulnerability_notice/vn-2016-002-openssl/?q=cve-2015-3197\u0026l=en_us\u0026fs=search\u0026pn=1"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/583776"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21979476"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0797"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2016-0704"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2016-0703"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0705"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0702"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-0797"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0701"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/310.html"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/200.html"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2015-3197"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/halon/changelog"
},
{
"trust": 0.1,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-21"
},
{
"trust": 0.1,
"url": "http://cachebleed.info."
},
{
"trust": 0.1,
"url": "https://www.openssl.org/policies/secpolicy.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0798"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/policies/releasestrat.html),"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0799"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2016-0445.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=securitypatches\u0026product=webserver\u0026version=2.1.0"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0702"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0705"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05390893"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.1,
"url": "https://www.hpe.com/info/report-security-vulnerability"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2016-0304.html"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-3197"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0701"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2016-0306.html"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2016-0302.html"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#257823"
},
{
"db": "CERT/CC",
"id": "VU#583776"
},
{
"db": "VULMON",
"id": "CVE-2015-3197"
},
{
"db": "BID",
"id": "82237"
},
{
"db": "PACKETSTORM",
"id": "169660"
},
{
"db": "PACKETSTORM",
"id": "136213"
},
{
"db": "PACKETSTORM",
"id": "136151"
},
{
"db": "PACKETSTORM",
"id": "141101"
},
{
"db": "PACKETSTORM",
"id": "136032"
},
{
"db": "PACKETSTORM",
"id": "135515"
},
{
"db": "PACKETSTORM",
"id": "136031"
},
{
"db": "PACKETSTORM",
"id": "136034"
},
{
"db": "PACKETSTORM",
"id": "136030"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-026"
},
{
"db": "NVD",
"id": "CVE-2015-3197"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CERT/CC",
"id": "VU#257823",
"ident": null
},
{
"db": "CERT/CC",
"id": "VU#583776",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2015-3197",
"ident": null
},
{
"db": "BID",
"id": "82237",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "169660",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "136213",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "136151",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "141101",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "136032",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "135515",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "136031",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "136034",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "136030",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201602-026",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2015-3197",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2016-01-28T00:00:00",
"db": "CERT/CC",
"id": "VU#257823",
"ident": null
},
{
"date": "2016-03-01T00:00:00",
"db": "CERT/CC",
"id": "VU#583776",
"ident": null
},
{
"date": "2016-02-15T00:00:00",
"db": "VULMON",
"id": "CVE-2015-3197",
"ident": null
},
{
"date": "2016-01-28T00:00:00",
"db": "BID",
"id": "82237",
"ident": null
},
{
"date": "2016-03-01T12:12:12",
"db": "PACKETSTORM",
"id": "169660",
"ident": null
},
{
"date": "2016-03-14T23:44:31",
"db": "PACKETSTORM",
"id": "136213",
"ident": null
},
{
"date": "2016-03-10T14:57:03",
"db": "PACKETSTORM",
"id": "136151",
"ident": null
},
{
"date": "2017-02-15T14:19:58",
"db": "PACKETSTORM",
"id": "141101",
"ident": null
},
{
"date": "2016-03-02T15:44:44",
"db": "PACKETSTORM",
"id": "136032",
"ident": null
},
{
"date": "2016-01-29T23:23:00",
"db": "PACKETSTORM",
"id": "135515",
"ident": null
},
{
"date": "2016-03-02T14:06:22",
"db": "PACKETSTORM",
"id": "136031",
"ident": null
},
{
"date": "2016-03-02T18:33:33",
"db": "PACKETSTORM",
"id": "136034",
"ident": null
},
{
"date": "2016-03-02T14:05:55",
"db": "PACKETSTORM",
"id": "136030",
"ident": null
},
{
"date": "2016-01-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-026",
"ident": null
},
{
"date": "2016-02-15T02:59:01.980000",
"db": "NVD",
"id": "CVE-2015-3197",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2016-01-29T00:00:00",
"db": "CERT/CC",
"id": "VU#257823",
"ident": null
},
{
"date": "2016-03-14T00:00:00",
"db": "CERT/CC",
"id": "VU#583776",
"ident": null
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2015-3197",
"ident": null
},
{
"date": "2017-12-19T22:01:00",
"db": "BID",
"id": "82237",
"ident": null
},
{
"date": "2022-12-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-026",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-3197",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "135515"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-026"
}
],
"trust": 0.7
},
"title": {
"_id": null,
"data": "OpenSSL re-uses unsafe prime numbers in Diffie-Hellman protocol",
"sources": [
{
"db": "CERT/CC",
"id": "VU#257823"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201602-026"
}
],
"trust": 0.6
}
}
VAR-201506-0268
Vulnerability from variot - Updated: 2026-04-10 22:34The pcntl_exec implementation in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \x00 character, which might allow remote attackers to bypass intended extension restrictions and execute files with unexpected names via a crafted first argument. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243. Supplementary information : CWE Vulnerability type by CWE-19: Data Handling ( Data processing ) Has been identified. PHP is prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. PHP (PHP: Hypertext Preprocessor, PHP: Hypertext Preprocessor) is an open source general-purpose computer scripting language jointly maintained by the PHP Group and the open source community. The language is mainly used for Web development and supports a variety of databases and operating systems. A security vulnerability exists in PHP's implementation of pcntl_exec, which stems from the fact that the program does not allow null bytes in pathnames. The following versions are affected: PHP prior to 5.4.41, 5.5.x prior to 5.5.25, and 5.6.x prior to 5.6.9. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: php security and bug fix update Advisory ID: RHSA-2015:1135-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-1135.html Issue date: 2015-06-23 CVE Names: CVE-2014-8142 CVE-2014-9652 CVE-2014-9705 CVE-2014-9709 CVE-2015-0231 CVE-2015-0232 CVE-2015-0273 CVE-2015-2301 CVE-2015-2348 CVE-2015-2783 CVE-2015-2787 CVE-2015-3307 CVE-2015-3329 CVE-2015-3330 CVE-2015-3411 CVE-2015-3412 CVE-2015-4021 CVE-2015-4022 CVE-2015-4024 CVE-2015-4025 CVE-2015-4026 CVE-2015-4147 CVE-2015-4148 CVE-2015-4598 CVE-2015-4599 CVE-2015-4600 CVE-2015-4601 CVE-2015-4602 CVE-2015-4603 CVE-2015-4604 CVE-2015-4605 =====================================================================
- Summary:
Updated php packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
- Description:
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.
A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interpreter, causing it to crash or, possibly, execute arbitrary code. (CVE-2015-3330)
A flaw was found in the way PHP parsed multipart HTTP POST requests. A specially crafted request could cause PHP to use an excessive amount of CPU time. (CVE-2015-4024)
An uninitialized pointer use flaw was found in PHP's Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_read_data() function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application. (CVE-2015-0232)
An integer overflow flaw leading to a heap-based buffer overflow was found in the way PHP's FTP extension parsed file listing FTP server responses. A malicious FTP server could use this flaw to cause a PHP application to crash or, possibly, execute arbitrary code. (CVE-2015-4022)
Multiple flaws were discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize() function could cause a PHP application to crash or, possibly, execute arbitrary code. (CVE-2014-8142, CVE-2015-0231, CVE-2015-0273, CVE-2015-2787, CVE-2015-4147, CVE-2015-4148, CVE-2015-4599, CVE-2015-4600, CVE-2015-4601, CVE-2015-4602, CVE-2015-4603)
It was found that certain PHP functions did not properly handle file names containing a NULL character. (CVE-2015-2348, CVE-2015-4025, CVE-2015-4026, CVE-2015-3411, CVE-2015-3412, CVE-2015-4598)
Multiple flaws were found in the way the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash or, possibly, execute arbitrary code when opened. (CVE-2015-2301, CVE-2015-2783, CVE-2015-3307, CVE-2015-3329, CVE-2015-4021)
Multiple flaws were found in PHP's File Information (fileinfo) extension. A remote attacker could cause a PHP application to crash if it used fileinfo to identify type of attacker supplied files. (CVE-2014-9652, CVE-2015-4604, CVE-2015-4605)
A heap buffer overflow flaw was found in the enchant_broker_request_dict() function of PHP's enchant extension. An attacker able to make a PHP application enchant dictionaries could possibly cause it to crash. (CVE-2014-9705)
A buffer over-read flaw was found in the GD library used by the PHP gd extension. A specially crafted GIF file could cause a PHP application using the imagecreatefromgif() function to crash. (CVE-2014-9709)
This update also fixes the following bugs:
-
The libgmp library in some cases terminated unexpectedly with a segmentation fault when being used with other libraries that use the GMP memory management. With this update, PHP no longer changes libgmp memory allocators, which prevents the described crash from occurring. (BZ#1212305)
-
When using the Open Database Connectivity (ODBC) API, the PHP process in some cases terminated unexpectedly with a segmentation fault. The underlying code has been adjusted to prevent this crash. (BZ#1212299)
-
Previously, running PHP on a big-endian system sometimes led to memory corruption in the fileinfo module. This update adjusts the behavior of the PHP pointer so that it can be freed without causing memory corruption. (BZ#1212298)
All php users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1175718 - CVE-2014-8142 php: use after free vulnerability in unserialize() 1185397 - CVE-2015-0231 php: use after free vulnerability in unserialize() (incomplete fix of CVE-2014-8142) 1185472 - CVE-2015-0232 php: Free called on unitialized pointer in exif.c 1188599 - CVE-2014-9652 file: out of bounds read in mconvert() 1188639 - CVE-2014-9709 gd: buffer read overflow in gd_gif_in.c 1194730 - CVE-2015-0273 php: use after free vulnerability in unserialize() with DateTimeZone 1194737 - CVE-2014-9705 php: heap buffer overflow in enchant_broker_request_dict() 1194747 - CVE-2015-2301 php: use after free in phar_object.c 1204868 - CVE-2015-4147 php: SoapClient's __call() type confusion through unserialize() 1207676 - CVE-2015-2787 php: use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re 1207682 - CVE-2015-2348 php: move_uploaded_file() NUL byte injection in file name 1213394 - CVE-2015-3330 php: pipelined request executed in deinitialized interpreter under httpd 2.4 1213407 - CVE-2015-3411 php: missing null byte checks for paths in various PHP extensions 1213442 - CVE-2015-4604 CVE-2015-4605 php: denial of service when processing a crafted file with Fileinfo 1213446 - CVE-2015-2783 php: buffer over-read in Phar metadata parsing 1213449 - CVE-2015-3329 php: buffer overflow in phar_set_inode() 1222485 - CVE-2015-4024 php: multipart/form-data request paring CPU usage DoS 1222538 - CVE-2015-4599 CVE-2015-4600 CVE-2015-4601 php: type confusion issue in unserialize() with various SOAP methods 1223408 - CVE-2015-4025 php: CVE-2006-7243 regressions in 5.4+ 1223412 - CVE-2015-4022 php: integer overflow leading to heap overflow when reading FTP file listing 1223422 - CVE-2015-4026 php: pcntl_exec() accepts paths with NUL character 1223425 - CVE-2015-4021 php: memory corruption in phar_parse_tarfile caused by empty entry file name 1223441 - CVE-2015-3307 php: invalid pointer free() in phar_tar_process_metadata() 1226916 - CVE-2015-4148 php: SoapClient's do_soap_call() type confusion after unserialize() 1232823 - CVE-2015-3412 php: missing null byte checks for paths in various PHP extensions 1232897 - CVE-2015-4598 php: missing null byte checks for paths in DOM and GD extensions 1232918 - CVE-2015-4603 php: exception::getTraceAsString type confusion issue after unserialize 1232923 - CVE-2015-4602 php: Incomplete Class unserialization type confusion
- Package List:
Red Hat Enterprise Linux Client Optional (v. 7):
Source: php-5.4.16-36.el7_1.src.rpm
x86_64: php-5.4.16-36.el7_1.x86_64.rpm php-bcmath-5.4.16-36.el7_1.x86_64.rpm php-cli-5.4.16-36.el7_1.x86_64.rpm php-common-5.4.16-36.el7_1.x86_64.rpm php-dba-5.4.16-36.el7_1.x86_64.rpm php-debuginfo-5.4.16-36.el7_1.x86_64.rpm php-devel-5.4.16-36.el7_1.x86_64.rpm php-embedded-5.4.16-36.el7_1.x86_64.rpm php-enchant-5.4.16-36.el7_1.x86_64.rpm php-fpm-5.4.16-36.el7_1.x86_64.rpm php-gd-5.4.16-36.el7_1.x86_64.rpm php-intl-5.4.16-36.el7_1.x86_64.rpm php-ldap-5.4.16-36.el7_1.x86_64.rpm php-mbstring-5.4.16-36.el7_1.x86_64.rpm php-mysql-5.4.16-36.el7_1.x86_64.rpm php-mysqlnd-5.4.16-36.el7_1.x86_64.rpm php-odbc-5.4.16-36.el7_1.x86_64.rpm php-pdo-5.4.16-36.el7_1.x86_64.rpm php-pgsql-5.4.16-36.el7_1.x86_64.rpm php-process-5.4.16-36.el7_1.x86_64.rpm php-pspell-5.4.16-36.el7_1.x86_64.rpm php-recode-5.4.16-36.el7_1.x86_64.rpm php-snmp-5.4.16-36.el7_1.x86_64.rpm php-soap-5.4.16-36.el7_1.x86_64.rpm php-xml-5.4.16-36.el7_1.x86_64.rpm php-xmlrpc-5.4.16-36.el7_1.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
Source: php-5.4.16-36.el7_1.src.rpm
x86_64: php-5.4.16-36.el7_1.x86_64.rpm php-bcmath-5.4.16-36.el7_1.x86_64.rpm php-cli-5.4.16-36.el7_1.x86_64.rpm php-common-5.4.16-36.el7_1.x86_64.rpm php-dba-5.4.16-36.el7_1.x86_64.rpm php-debuginfo-5.4.16-36.el7_1.x86_64.rpm php-devel-5.4.16-36.el7_1.x86_64.rpm php-embedded-5.4.16-36.el7_1.x86_64.rpm php-enchant-5.4.16-36.el7_1.x86_64.rpm php-fpm-5.4.16-36.el7_1.x86_64.rpm php-gd-5.4.16-36.el7_1.x86_64.rpm php-intl-5.4.16-36.el7_1.x86_64.rpm php-ldap-5.4.16-36.el7_1.x86_64.rpm php-mbstring-5.4.16-36.el7_1.x86_64.rpm php-mysql-5.4.16-36.el7_1.x86_64.rpm php-mysqlnd-5.4.16-36.el7_1.x86_64.rpm php-odbc-5.4.16-36.el7_1.x86_64.rpm php-pdo-5.4.16-36.el7_1.x86_64.rpm php-pgsql-5.4.16-36.el7_1.x86_64.rpm php-process-5.4.16-36.el7_1.x86_64.rpm php-pspell-5.4.16-36.el7_1.x86_64.rpm php-recode-5.4.16-36.el7_1.x86_64.rpm php-snmp-5.4.16-36.el7_1.x86_64.rpm php-soap-5.4.16-36.el7_1.x86_64.rpm php-xml-5.4.16-36.el7_1.x86_64.rpm php-xmlrpc-5.4.16-36.el7_1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: php-5.4.16-36.el7_1.src.rpm
ppc64: php-5.4.16-36.el7_1.ppc64.rpm php-cli-5.4.16-36.el7_1.ppc64.rpm php-common-5.4.16-36.el7_1.ppc64.rpm php-debuginfo-5.4.16-36.el7_1.ppc64.rpm php-gd-5.4.16-36.el7_1.ppc64.rpm php-ldap-5.4.16-36.el7_1.ppc64.rpm php-mysql-5.4.16-36.el7_1.ppc64.rpm php-odbc-5.4.16-36.el7_1.ppc64.rpm php-pdo-5.4.16-36.el7_1.ppc64.rpm php-pgsql-5.4.16-36.el7_1.ppc64.rpm php-process-5.4.16-36.el7_1.ppc64.rpm php-recode-5.4.16-36.el7_1.ppc64.rpm php-soap-5.4.16-36.el7_1.ppc64.rpm php-xml-5.4.16-36.el7_1.ppc64.rpm php-xmlrpc-5.4.16-36.el7_1.ppc64.rpm
s390x: php-5.4.16-36.el7_1.s390x.rpm php-cli-5.4.16-36.el7_1.s390x.rpm php-common-5.4.16-36.el7_1.s390x.rpm php-debuginfo-5.4.16-36.el7_1.s390x.rpm php-gd-5.4.16-36.el7_1.s390x.rpm php-ldap-5.4.16-36.el7_1.s390x.rpm php-mysql-5.4.16-36.el7_1.s390x.rpm php-odbc-5.4.16-36.el7_1.s390x.rpm php-pdo-5.4.16-36.el7_1.s390x.rpm php-pgsql-5.4.16-36.el7_1.s390x.rpm php-process-5.4.16-36.el7_1.s390x.rpm php-recode-5.4.16-36.el7_1.s390x.rpm php-soap-5.4.16-36.el7_1.s390x.rpm php-xml-5.4.16-36.el7_1.s390x.rpm php-xmlrpc-5.4.16-36.el7_1.s390x.rpm
x86_64: php-5.4.16-36.el7_1.x86_64.rpm php-cli-5.4.16-36.el7_1.x86_64.rpm php-common-5.4.16-36.el7_1.x86_64.rpm php-debuginfo-5.4.16-36.el7_1.x86_64.rpm php-gd-5.4.16-36.el7_1.x86_64.rpm php-ldap-5.4.16-36.el7_1.x86_64.rpm php-mysql-5.4.16-36.el7_1.x86_64.rpm php-odbc-5.4.16-36.el7_1.x86_64.rpm php-pdo-5.4.16-36.el7_1.x86_64.rpm php-pgsql-5.4.16-36.el7_1.x86_64.rpm php-process-5.4.16-36.el7_1.x86_64.rpm php-recode-5.4.16-36.el7_1.x86_64.rpm php-soap-5.4.16-36.el7_1.x86_64.rpm php-xml-5.4.16-36.el7_1.x86_64.rpm php-xmlrpc-5.4.16-36.el7_1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: php-5.4.16-36.ael7b_1.src.rpm
ppc64le: php-5.4.16-36.ael7b_1.ppc64le.rpm php-cli-5.4.16-36.ael7b_1.ppc64le.rpm php-common-5.4.16-36.ael7b_1.ppc64le.rpm php-debuginfo-5.4.16-36.ael7b_1.ppc64le.rpm php-gd-5.4.16-36.ael7b_1.ppc64le.rpm php-ldap-5.4.16-36.ael7b_1.ppc64le.rpm php-mysql-5.4.16-36.ael7b_1.ppc64le.rpm php-odbc-5.4.16-36.ael7b_1.ppc64le.rpm php-pdo-5.4.16-36.ael7b_1.ppc64le.rpm php-pgsql-5.4.16-36.ael7b_1.ppc64le.rpm php-process-5.4.16-36.ael7b_1.ppc64le.rpm php-recode-5.4.16-36.ael7b_1.ppc64le.rpm php-soap-5.4.16-36.ael7b_1.ppc64le.rpm php-xml-5.4.16-36.ael7b_1.ppc64le.rpm php-xmlrpc-5.4.16-36.ael7b_1.ppc64le.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: php-bcmath-5.4.16-36.el7_1.ppc64.rpm php-dba-5.4.16-36.el7_1.ppc64.rpm php-debuginfo-5.4.16-36.el7_1.ppc64.rpm php-devel-5.4.16-36.el7_1.ppc64.rpm php-embedded-5.4.16-36.el7_1.ppc64.rpm php-enchant-5.4.16-36.el7_1.ppc64.rpm php-fpm-5.4.16-36.el7_1.ppc64.rpm php-intl-5.4.16-36.el7_1.ppc64.rpm php-mbstring-5.4.16-36.el7_1.ppc64.rpm php-mysqlnd-5.4.16-36.el7_1.ppc64.rpm php-pspell-5.4.16-36.el7_1.ppc64.rpm php-snmp-5.4.16-36.el7_1.ppc64.rpm
s390x: php-bcmath-5.4.16-36.el7_1.s390x.rpm php-dba-5.4.16-36.el7_1.s390x.rpm php-debuginfo-5.4.16-36.el7_1.s390x.rpm php-devel-5.4.16-36.el7_1.s390x.rpm php-embedded-5.4.16-36.el7_1.s390x.rpm php-enchant-5.4.16-36.el7_1.s390x.rpm php-fpm-5.4.16-36.el7_1.s390x.rpm php-intl-5.4.16-36.el7_1.s390x.rpm php-mbstring-5.4.16-36.el7_1.s390x.rpm php-mysqlnd-5.4.16-36.el7_1.s390x.rpm php-pspell-5.4.16-36.el7_1.s390x.rpm php-snmp-5.4.16-36.el7_1.s390x.rpm
x86_64: php-bcmath-5.4.16-36.el7_1.x86_64.rpm php-dba-5.4.16-36.el7_1.x86_64.rpm php-debuginfo-5.4.16-36.el7_1.x86_64.rpm php-devel-5.4.16-36.el7_1.x86_64.rpm php-embedded-5.4.16-36.el7_1.x86_64.rpm php-enchant-5.4.16-36.el7_1.x86_64.rpm php-fpm-5.4.16-36.el7_1.x86_64.rpm php-intl-5.4.16-36.el7_1.x86_64.rpm php-mbstring-5.4.16-36.el7_1.x86_64.rpm php-mysqlnd-5.4.16-36.el7_1.x86_64.rpm php-pspell-5.4.16-36.el7_1.x86_64.rpm php-snmp-5.4.16-36.el7_1.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64le: php-bcmath-5.4.16-36.ael7b_1.ppc64le.rpm php-dba-5.4.16-36.ael7b_1.ppc64le.rpm php-debuginfo-5.4.16-36.ael7b_1.ppc64le.rpm php-devel-5.4.16-36.ael7b_1.ppc64le.rpm php-embedded-5.4.16-36.ael7b_1.ppc64le.rpm php-enchant-5.4.16-36.ael7b_1.ppc64le.rpm php-fpm-5.4.16-36.ael7b_1.ppc64le.rpm php-intl-5.4.16-36.ael7b_1.ppc64le.rpm php-mbstring-5.4.16-36.ael7b_1.ppc64le.rpm php-mysqlnd-5.4.16-36.ael7b_1.ppc64le.rpm php-pspell-5.4.16-36.ael7b_1.ppc64le.rpm php-snmp-5.4.16-36.ael7b_1.ppc64le.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: php-5.4.16-36.el7_1.src.rpm
x86_64: php-5.4.16-36.el7_1.x86_64.rpm php-cli-5.4.16-36.el7_1.x86_64.rpm php-common-5.4.16-36.el7_1.x86_64.rpm php-debuginfo-5.4.16-36.el7_1.x86_64.rpm php-gd-5.4.16-36.el7_1.x86_64.rpm php-ldap-5.4.16-36.el7_1.x86_64.rpm php-mysql-5.4.16-36.el7_1.x86_64.rpm php-odbc-5.4.16-36.el7_1.x86_64.rpm php-pdo-5.4.16-36.el7_1.x86_64.rpm php-pgsql-5.4.16-36.el7_1.x86_64.rpm php-process-5.4.16-36.el7_1.x86_64.rpm php-recode-5.4.16-36.el7_1.x86_64.rpm php-soap-5.4.16-36.el7_1.x86_64.rpm php-xml-5.4.16-36.el7_1.x86_64.rpm php-xmlrpc-5.4.16-36.el7_1.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: php-bcmath-5.4.16-36.el7_1.x86_64.rpm php-dba-5.4.16-36.el7_1.x86_64.rpm php-debuginfo-5.4.16-36.el7_1.x86_64.rpm php-devel-5.4.16-36.el7_1.x86_64.rpm php-embedded-5.4.16-36.el7_1.x86_64.rpm php-enchant-5.4.16-36.el7_1.x86_64.rpm php-fpm-5.4.16-36.el7_1.x86_64.rpm php-intl-5.4.16-36.el7_1.x86_64.rpm php-mbstring-5.4.16-36.el7_1.x86_64.rpm php-mysqlnd-5.4.16-36.el7_1.x86_64.rpm php-pspell-5.4.16-36.el7_1.x86_64.rpm php-snmp-5.4.16-36.el7_1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2014-8142 https://access.redhat.com/security/cve/CVE-2014-9652 https://access.redhat.com/security/cve/CVE-2014-9705 https://access.redhat.com/security/cve/CVE-2014-9709 https://access.redhat.com/security/cve/CVE-2015-0231 https://access.redhat.com/security/cve/CVE-2015-0232 https://access.redhat.com/security/cve/CVE-2015-0273 https://access.redhat.com/security/cve/CVE-2015-2301 https://access.redhat.com/security/cve/CVE-2015-2348 https://access.redhat.com/security/cve/CVE-2015-2783 https://access.redhat.com/security/cve/CVE-2015-2787 https://access.redhat.com/security/cve/CVE-2015-3307 https://access.redhat.com/security/cve/CVE-2015-3329 https://access.redhat.com/security/cve/CVE-2015-3330 https://access.redhat.com/security/cve/CVE-2015-3411 https://access.redhat.com/security/cve/CVE-2015-3412 https://access.redhat.com/security/cve/CVE-2015-4021 https://access.redhat.com/security/cve/CVE-2015-4022 https://access.redhat.com/security/cve/CVE-2015-4024 https://access.redhat.com/security/cve/CVE-2015-4025 https://access.redhat.com/security/cve/CVE-2015-4026 https://access.redhat.com/security/cve/CVE-2015-4147 https://access.redhat.com/security/cve/CVE-2015-4148 https://access.redhat.com/security/cve/CVE-2015-4598 https://access.redhat.com/security/cve/CVE-2015-4599 https://access.redhat.com/security/cve/CVE-2015-4600 https://access.redhat.com/security/cve/CVE-2015-4601 https://access.redhat.com/security/cve/CVE-2015-4602 https://access.redhat.com/security/cve/CVE-2015-4603 https://access.redhat.com/security/cve/CVE-2015-4604 https://access.redhat.com/security/cve/CVE-2015-4605 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFViR1aXlSAg2UNWIIRAuxPAJ42GLQVzvzc9kje0VjDv8NZWcPv6QCbBL+O dtqycPWs+07GhjmZ6NNx5Bg= =FREZ -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . ============================================================================ Ubuntu Security Notice USN-2658-1 July 06, 2015
php5 vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 15.04
- Ubuntu 14.10
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in PHP.
Software Description: - php5: HTML-embedded scripting language interpreter
Details:
Neal Poole and Tomas Hoger discovered that PHP incorrectly handled NULL bytes in file paths. (CVE-2015-3411, CVE-2015-3412, CVE-2015-4025, CVE-2015-4026, CVE-2015-4598)
Emmanuel Law discovered that the PHP phar extension incorrectly handled filenames starting with a NULL byte. (CVE-2015-4021)
Max Spelsberg discovered that PHP incorrectly handled the LIST command when connecting to remote FTP servers. (CVE-2015-4022, CVE-2015-4643)
Shusheng Liu discovered that PHP incorrectly handled certain malformed form data. (CVE-2015-4024)
Andrea Palazzo discovered that the PHP Soap client incorrectly validated data types. (CVE-2015-4147)
Andrea Palazzo discovered that the PHP Soap client incorrectly validated that the uri property is a string. A remote attacker could possibly use these issues to obtain sensitive information or cause a denial of service. This issue only affected Ubuntu 15.04. (CVE-2015-4644)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 15.04: libapache2-mod-php5 5.6.4+dfsg-4ubuntu6.2 php5-cgi 5.6.4+dfsg-4ubuntu6.2 php5-cli 5.6.4+dfsg-4ubuntu6.2 php5-fpm 5.6.4+dfsg-4ubuntu6.2
Ubuntu 14.10: libapache2-mod-php5 5.5.12+dfsg-2ubuntu4.6 php5-cgi 5.5.12+dfsg-2ubuntu4.6 php5-cli 5.5.12+dfsg-2ubuntu4.6 php5-fpm 5.5.12+dfsg-2ubuntu4.6
Ubuntu 14.04 LTS: libapache2-mod-php5 5.5.9+dfsg-1ubuntu4.11 php5-cgi 5.5.9+dfsg-1ubuntu4.11 php5-cli 5.5.9+dfsg-1ubuntu4.11 php5-fpm 5.5.9+dfsg-1ubuntu4.11
Ubuntu 12.04 LTS: libapache2-mod-php5 5.3.10-1ubuntu3.19 php5-cgi 5.3.10-1ubuntu3.19 php5-cli 5.3.10-1ubuntu3.19 php5-fpm 5.3.10-1ubuntu3.19
In general, a standard system update will make all the necessary changes. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201606-10
https://security.gentoo.org/
Severity: Normal Title: PHP: Multiple vulnerabilities Date: June 19, 2016 Bugs: #537586, #541098, #544186, #544330, #546872, #549538, #552408, #555576, #555830, #556952, #559612, #562882, #571254, #573892, #577376 ID: 201606-10
Synopsis
Multiple vulnerabilities have been found in PHP, the worst of which could lead to arbitrary code execution, or cause a Denial of Service condition.
Background
PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All PHP 5.4 users should upgrade to the latest 5.5 stable branch, as PHP 5.4 is now masked in Portage:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev=lang/php-5.5.33"
All PHP 5.5 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev=lang/php-5.5.33"
All PHP 5.6 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev=lang/php-5.6.19"
References
[ 1 ] CVE-2013-6501 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6501 [ 2 ] CVE-2014-9705 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9705 [ 3 ] CVE-2014-9709 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9709 [ 4 ] CVE-2015-0231 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0231 [ 5 ] CVE-2015-0273 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0273 [ 6 ] CVE-2015-1351 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1351 [ 7 ] CVE-2015-1352 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1352 [ 8 ] CVE-2015-2301 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2301 [ 9 ] CVE-2015-2348 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2348 [ 10 ] CVE-2015-2783 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2783 [ 11 ] CVE-2015-2787 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2787 [ 12 ] CVE-2015-3329 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3329 [ 13 ] CVE-2015-3330 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3330 [ 14 ] CVE-2015-4021 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4021 [ 15 ] CVE-2015-4022 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4022 [ 16 ] CVE-2015-4025 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4025 [ 17 ] CVE-2015-4026 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4026 [ 18 ] CVE-2015-4147 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4147 [ 19 ] CVE-2015-4148 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4148 [ 20 ] CVE-2015-4642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4642 [ 21 ] CVE-2015-4643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4643 [ 22 ] CVE-2015-4644 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4644 [ 23 ] CVE-2015-6831 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6831 [ 24 ] CVE-2015-6832 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6832 [ 25 ] CVE-2015-6833 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6833 [ 26 ] CVE-2015-6834 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6834 [ 27 ] CVE-2015-6835 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6835 [ 28 ] CVE-2015-6836 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6836 [ 29 ] CVE-2015-6837 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6837 [ 30 ] CVE-2015-6838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6838 [ 31 ] CVE-2015-7803 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7803 [ 32 ] CVE-2015-7804 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7804
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201606-10
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.6,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "enterprise linux hpc node eus",
"scope": "eq",
"trust": 1.6,
"vendor": "redhat",
"version": "7.1"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.6,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 1.6,
"vendor": "redhat",
"version": "7.1"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 1.6,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.6.5"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.6.4"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.21"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.14"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.13"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.12"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.11"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.10"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.6"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.5"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.4"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.3"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.1"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.6.8"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.6.7"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.6.6"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.6.3"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.6.2"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.9"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.8"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.7"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.24"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.23"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.22"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.20"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.2"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.19"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.5.18"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.4.39"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.5.0"
},
{
"_id": null,
"model": "php",
"scope": "lte",
"trust": 1.0,
"vendor": "php",
"version": "5.4.40"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.6.0"
},
{
"_id": null,
"model": "mac os x",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "10.10.4"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.9.5"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.10 to 10.10.4"
},
{
"_id": null,
"model": "php",
"scope": "lt",
"trust": 0.8,
"vendor": "the php group",
"version": "5.6.x"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.8,
"vendor": "the php group",
"version": "5.6.9"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.8,
"vendor": "the php group",
"version": "5.5.25"
},
{
"_id": null,
"model": "php",
"scope": "lt",
"trust": 0.8,
"vendor": "the php group",
"version": "5.5.x"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "15.04"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.10"
},
{
"_id": null,
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"_id": null,
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"_id": null,
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "enterprise linux workstation optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux server optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux hpc node optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux desktop optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.6.1"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.5"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.37"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.30"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.29"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.26"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.25"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.17"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.14"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.8"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.7"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.6"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.4"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.3"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.2"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.1"
},
{
"_id": null,
"model": "rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.6.8"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.6"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.5.17"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.5.16"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.5.15"
},
{
"_id": null,
"model": "rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.5.0"
},
{
"_id": null,
"model": "rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.5.0"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.9"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.5"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.40"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.38"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.36"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.35"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.34"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.33"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.32"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.31"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.28"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.27"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.24"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.23"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.22"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.21"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.20"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.19"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.18"
},
{
"_id": null,
"model": "rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.16"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.16"
},
{
"_id": null,
"model": "rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.15"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.15"
},
{
"_id": null,
"model": "rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.14"
},
{
"_id": null,
"model": "rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.13"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.13"
},
{
"_id": null,
"model": "rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.12"
},
{
"_id": null,
"model": "rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.12"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.12"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.11"
},
{
"_id": null,
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.4.10"
},
{
"_id": null,
"model": "5.4.0rc2",
"scope": null,
"trust": 0.3,
"vendor": "php",
"version": null
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.3"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.20"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.2"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.1"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.3.0"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.1.0"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.1"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.1"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.0"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.1.0"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.0"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.0"
},
{
"_id": null,
"model": "flex system chassis management module 2pet",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.4"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.3"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.0.4"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.1"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.0"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.15.2"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.15.1"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.15"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.14"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.13"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.12.1"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.12"
},
{
"_id": null,
"model": "php",
"scope": "ne",
"trust": 0.3,
"vendor": "php",
"version": "5.6.9"
},
{
"_id": null,
"model": "php",
"scope": "ne",
"trust": 0.3,
"vendor": "php",
"version": "5.5.25"
},
{
"_id": null,
"model": "php",
"scope": "ne",
"trust": 0.3,
"vendor": "php",
"version": "5.4.41"
},
{
"_id": null,
"model": "flex system chassis management module 2pet14c-2.5.5c",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.5"
},
{
"_id": null,
"model": "alienvault",
"scope": "ne",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.2"
}
],
"sources": [
{
"db": "BID",
"id": "75056"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-132"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003052"
},
{
"db": "NVD",
"id": "CVE-2015-4026"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:php:php",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003052"
}
]
},
"credits": {
"_id": null,
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "132440"
},
{
"db": "PACKETSTORM",
"id": "132406"
},
{
"db": "PACKETSTORM",
"id": "132619"
},
{
"db": "PACKETSTORM",
"id": "132442"
}
],
"trust": 0.4
},
"cve": "CVE-2015-4026",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2015-4026",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-81987",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-4026",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-4026",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201506-132",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-81987",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2015-4026",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81987"
},
{
"db": "VULMON",
"id": "CVE-2015-4026"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-132"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003052"
},
{
"db": "NVD",
"id": "CVE-2015-4026"
}
]
},
"description": {
"_id": null,
"data": "The pcntl_exec implementation in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \\x00 character, which might allow remote attackers to bypass intended extension restrictions and execute files with unexpected names via a crafted first argument. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243. Supplementary information : CWE Vulnerability type by CWE-19: Data Handling ( Data processing ) Has been identified. PHP is prone to a security-bypass vulnerability. \nAn attacker can leverage this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. PHP (PHP: Hypertext Preprocessor, PHP: Hypertext Preprocessor) is an open source general-purpose computer scripting language jointly maintained by the PHP Group and the open source community. The language is mainly used for Web development and supports a variety of databases and operating systems. A security vulnerability exists in PHP\u0027s implementation of pcntl_exec, which stems from the fact that the program does not allow null bytes in pathnames. The following versions are affected: PHP prior to 5.4.41, 5.5.x prior to 5.5.25, and 5.6.x prior to 5.6.9. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: php security and bug fix update\nAdvisory ID: RHSA-2015:1135-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2015-1135.html\nIssue date: 2015-06-23\nCVE Names: CVE-2014-8142 CVE-2014-9652 CVE-2014-9705 \n CVE-2014-9709 CVE-2015-0231 CVE-2015-0232 \n CVE-2015-0273 CVE-2015-2301 CVE-2015-2348 \n CVE-2015-2783 CVE-2015-2787 CVE-2015-3307 \n CVE-2015-3329 CVE-2015-3330 CVE-2015-3411 \n CVE-2015-3412 CVE-2015-4021 CVE-2015-4022 \n CVE-2015-4024 CVE-2015-4025 CVE-2015-4026 \n CVE-2015-4147 CVE-2015-4148 CVE-2015-4598 \n CVE-2015-4599 CVE-2015-4600 CVE-2015-4601 \n CVE-2015-4602 CVE-2015-4603 CVE-2015-4604 \n CVE-2015-4605 \n=====================================================================\n\n1. Summary:\n\nUpdated php packages that fix multiple security issues and several bugs\nare now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having Important security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nPHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Server. \n\nA flaw was found in the way the PHP module for the Apache httpd web server\nhandled pipelined requests. A remote attacker could use this flaw to\ntrigger the execution of a PHP script in a deinitialized interpreter,\ncausing it to crash or, possibly, execute arbitrary code. (CVE-2015-3330)\n\nA flaw was found in the way PHP parsed multipart HTTP POST requests. A\nspecially crafted request could cause PHP to use an excessive amount of CPU\ntime. (CVE-2015-4024)\n\nAn uninitialized pointer use flaw was found in PHP\u0027s Exif extension. A\nspecially crafted JPEG or TIFF file could cause a PHP application using the\nexif_read_data() function to crash or, possibly, execute arbitrary code\nwith the privileges of the user running that PHP application. \n(CVE-2015-0232)\n\nAn integer overflow flaw leading to a heap-based buffer overflow was found\nin the way PHP\u0027s FTP extension parsed file listing FTP server responses. A\nmalicious FTP server could use this flaw to cause a PHP application to\ncrash or, possibly, execute arbitrary code. (CVE-2015-4022)\n\nMultiple flaws were discovered in the way PHP performed object\nunserialization. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash or, possibly, execute\narbitrary code. (CVE-2014-8142, CVE-2015-0231, CVE-2015-0273,\nCVE-2015-2787, CVE-2015-4147, CVE-2015-4148, CVE-2015-4599, CVE-2015-4600,\nCVE-2015-4601, CVE-2015-4602, CVE-2015-4603)\n\nIt was found that certain PHP functions did not properly handle file names\ncontaining a NULL character. (CVE-2015-2348, CVE-2015-4025, CVE-2015-4026,\nCVE-2015-3411, CVE-2015-3412, CVE-2015-4598)\n\nMultiple flaws were found in the way the way PHP\u0027s Phar extension parsed\nPhar archives. A specially crafted archive could cause PHP to crash or,\npossibly, execute arbitrary code when opened. (CVE-2015-2301,\nCVE-2015-2783, CVE-2015-3307, CVE-2015-3329, CVE-2015-4021)\n\nMultiple flaws were found in PHP\u0027s File Information (fileinfo) extension. \nA remote attacker could cause a PHP application to crash if it used\nfileinfo to identify type of attacker supplied files. (CVE-2014-9652,\nCVE-2015-4604, CVE-2015-4605)\n\nA heap buffer overflow flaw was found in the enchant_broker_request_dict()\nfunction of PHP\u0027s enchant extension. An attacker able to make a PHP\napplication enchant dictionaries could possibly cause it to crash. \n(CVE-2014-9705)\n\nA buffer over-read flaw was found in the GD library used by the PHP gd\nextension. A specially crafted GIF file could cause a PHP application using\nthe imagecreatefromgif() function to crash. (CVE-2014-9709)\n\nThis update also fixes the following bugs:\n\n* The libgmp library in some cases terminated unexpectedly with a\nsegmentation fault when being used with other libraries that use the GMP\nmemory management. With this update, PHP no longer changes libgmp memory\nallocators, which prevents the described crash from occurring. (BZ#1212305)\n\n* When using the Open Database Connectivity (ODBC) API, the PHP process\nin some cases terminated unexpectedly with a segmentation fault. The\nunderlying code has been adjusted to prevent this crash. (BZ#1212299)\n\n* Previously, running PHP on a big-endian system sometimes led to memory\ncorruption in the fileinfo module. This update adjusts the behavior of\nthe PHP pointer so that it can be freed without causing memory corruption. \n(BZ#1212298)\n\nAll php users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdated packages, the httpd daemon must be restarted for the update to\ntake effect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1175718 - CVE-2014-8142 php: use after free vulnerability in unserialize()\n1185397 - CVE-2015-0231 php: use after free vulnerability in unserialize() (incomplete fix of CVE-2014-8142)\n1185472 - CVE-2015-0232 php: Free called on unitialized pointer in exif.c\n1188599 - CVE-2014-9652 file: out of bounds read in mconvert()\n1188639 - CVE-2014-9709 gd: buffer read overflow in gd_gif_in.c\n1194730 - CVE-2015-0273 php: use after free vulnerability in unserialize() with DateTimeZone\n1194737 - CVE-2014-9705 php: heap buffer overflow in enchant_broker_request_dict()\n1194747 - CVE-2015-2301 php: use after free in phar_object.c\n1204868 - CVE-2015-4147 php: SoapClient\u0027s __call() type confusion through unserialize()\n1207676 - CVE-2015-2787 php: use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re\n1207682 - CVE-2015-2348 php: move_uploaded_file() NUL byte injection in file name\n1213394 - CVE-2015-3330 php: pipelined request executed in deinitialized interpreter under httpd 2.4\n1213407 - CVE-2015-3411 php: missing null byte checks for paths in various PHP extensions\n1213442 - CVE-2015-4604 CVE-2015-4605 php: denial of service when processing a crafted file with Fileinfo\n1213446 - CVE-2015-2783 php: buffer over-read in Phar metadata parsing\n1213449 - CVE-2015-3329 php: buffer overflow in phar_set_inode()\n1222485 - CVE-2015-4024 php: multipart/form-data request paring CPU usage DoS\n1222538 - CVE-2015-4599 CVE-2015-4600 CVE-2015-4601 php: type confusion issue in unserialize() with various SOAP methods\n1223408 - CVE-2015-4025 php: CVE-2006-7243 regressions in 5.4+\n1223412 - CVE-2015-4022 php: integer overflow leading to heap overflow when reading FTP file listing\n1223422 - CVE-2015-4026 php: pcntl_exec() accepts paths with NUL character\n1223425 - CVE-2015-4021 php: memory corruption in phar_parse_tarfile caused by empty entry file name\n1223441 - CVE-2015-3307 php: invalid pointer free() in phar_tar_process_metadata()\n1226916 - CVE-2015-4148 php: SoapClient\u0027s do_soap_call() type confusion after unserialize()\n1232823 - CVE-2015-3412 php: missing null byte checks for paths in various PHP extensions\n1232897 - CVE-2015-4598 php: missing null byte checks for paths in DOM and GD extensions\n1232918 - CVE-2015-4603 php: exception::getTraceAsString type confusion issue after unserialize\n1232923 - CVE-2015-4602 php: Incomplete Class unserialization type confusion\n\n6. Package List:\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nSource:\nphp-5.4.16-36.el7_1.src.rpm\n\nx86_64:\nphp-5.4.16-36.el7_1.x86_64.rpm\nphp-bcmath-5.4.16-36.el7_1.x86_64.rpm\nphp-cli-5.4.16-36.el7_1.x86_64.rpm\nphp-common-5.4.16-36.el7_1.x86_64.rpm\nphp-dba-5.4.16-36.el7_1.x86_64.rpm\nphp-debuginfo-5.4.16-36.el7_1.x86_64.rpm\nphp-devel-5.4.16-36.el7_1.x86_64.rpm\nphp-embedded-5.4.16-36.el7_1.x86_64.rpm\nphp-enchant-5.4.16-36.el7_1.x86_64.rpm\nphp-fpm-5.4.16-36.el7_1.x86_64.rpm\nphp-gd-5.4.16-36.el7_1.x86_64.rpm\nphp-intl-5.4.16-36.el7_1.x86_64.rpm\nphp-ldap-5.4.16-36.el7_1.x86_64.rpm\nphp-mbstring-5.4.16-36.el7_1.x86_64.rpm\nphp-mysql-5.4.16-36.el7_1.x86_64.rpm\nphp-mysqlnd-5.4.16-36.el7_1.x86_64.rpm\nphp-odbc-5.4.16-36.el7_1.x86_64.rpm\nphp-pdo-5.4.16-36.el7_1.x86_64.rpm\nphp-pgsql-5.4.16-36.el7_1.x86_64.rpm\nphp-process-5.4.16-36.el7_1.x86_64.rpm\nphp-pspell-5.4.16-36.el7_1.x86_64.rpm\nphp-recode-5.4.16-36.el7_1.x86_64.rpm\nphp-snmp-5.4.16-36.el7_1.x86_64.rpm\nphp-soap-5.4.16-36.el7_1.x86_64.rpm\nphp-xml-5.4.16-36.el7_1.x86_64.rpm\nphp-xmlrpc-5.4.16-36.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nSource:\nphp-5.4.16-36.el7_1.src.rpm\n\nx86_64:\nphp-5.4.16-36.el7_1.x86_64.rpm\nphp-bcmath-5.4.16-36.el7_1.x86_64.rpm\nphp-cli-5.4.16-36.el7_1.x86_64.rpm\nphp-common-5.4.16-36.el7_1.x86_64.rpm\nphp-dba-5.4.16-36.el7_1.x86_64.rpm\nphp-debuginfo-5.4.16-36.el7_1.x86_64.rpm\nphp-devel-5.4.16-36.el7_1.x86_64.rpm\nphp-embedded-5.4.16-36.el7_1.x86_64.rpm\nphp-enchant-5.4.16-36.el7_1.x86_64.rpm\nphp-fpm-5.4.16-36.el7_1.x86_64.rpm\nphp-gd-5.4.16-36.el7_1.x86_64.rpm\nphp-intl-5.4.16-36.el7_1.x86_64.rpm\nphp-ldap-5.4.16-36.el7_1.x86_64.rpm\nphp-mbstring-5.4.16-36.el7_1.x86_64.rpm\nphp-mysql-5.4.16-36.el7_1.x86_64.rpm\nphp-mysqlnd-5.4.16-36.el7_1.x86_64.rpm\nphp-odbc-5.4.16-36.el7_1.x86_64.rpm\nphp-pdo-5.4.16-36.el7_1.x86_64.rpm\nphp-pgsql-5.4.16-36.el7_1.x86_64.rpm\nphp-process-5.4.16-36.el7_1.x86_64.rpm\nphp-pspell-5.4.16-36.el7_1.x86_64.rpm\nphp-recode-5.4.16-36.el7_1.x86_64.rpm\nphp-snmp-5.4.16-36.el7_1.x86_64.rpm\nphp-soap-5.4.16-36.el7_1.x86_64.rpm\nphp-xml-5.4.16-36.el7_1.x86_64.rpm\nphp-xmlrpc-5.4.16-36.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nphp-5.4.16-36.el7_1.src.rpm\n\nppc64:\nphp-5.4.16-36.el7_1.ppc64.rpm\nphp-cli-5.4.16-36.el7_1.ppc64.rpm\nphp-common-5.4.16-36.el7_1.ppc64.rpm\nphp-debuginfo-5.4.16-36.el7_1.ppc64.rpm\nphp-gd-5.4.16-36.el7_1.ppc64.rpm\nphp-ldap-5.4.16-36.el7_1.ppc64.rpm\nphp-mysql-5.4.16-36.el7_1.ppc64.rpm\nphp-odbc-5.4.16-36.el7_1.ppc64.rpm\nphp-pdo-5.4.16-36.el7_1.ppc64.rpm\nphp-pgsql-5.4.16-36.el7_1.ppc64.rpm\nphp-process-5.4.16-36.el7_1.ppc64.rpm\nphp-recode-5.4.16-36.el7_1.ppc64.rpm\nphp-soap-5.4.16-36.el7_1.ppc64.rpm\nphp-xml-5.4.16-36.el7_1.ppc64.rpm\nphp-xmlrpc-5.4.16-36.el7_1.ppc64.rpm\n\ns390x:\nphp-5.4.16-36.el7_1.s390x.rpm\nphp-cli-5.4.16-36.el7_1.s390x.rpm\nphp-common-5.4.16-36.el7_1.s390x.rpm\nphp-debuginfo-5.4.16-36.el7_1.s390x.rpm\nphp-gd-5.4.16-36.el7_1.s390x.rpm\nphp-ldap-5.4.16-36.el7_1.s390x.rpm\nphp-mysql-5.4.16-36.el7_1.s390x.rpm\nphp-odbc-5.4.16-36.el7_1.s390x.rpm\nphp-pdo-5.4.16-36.el7_1.s390x.rpm\nphp-pgsql-5.4.16-36.el7_1.s390x.rpm\nphp-process-5.4.16-36.el7_1.s390x.rpm\nphp-recode-5.4.16-36.el7_1.s390x.rpm\nphp-soap-5.4.16-36.el7_1.s390x.rpm\nphp-xml-5.4.16-36.el7_1.s390x.rpm\nphp-xmlrpc-5.4.16-36.el7_1.s390x.rpm\n\nx86_64:\nphp-5.4.16-36.el7_1.x86_64.rpm\nphp-cli-5.4.16-36.el7_1.x86_64.rpm\nphp-common-5.4.16-36.el7_1.x86_64.rpm\nphp-debuginfo-5.4.16-36.el7_1.x86_64.rpm\nphp-gd-5.4.16-36.el7_1.x86_64.rpm\nphp-ldap-5.4.16-36.el7_1.x86_64.rpm\nphp-mysql-5.4.16-36.el7_1.x86_64.rpm\nphp-odbc-5.4.16-36.el7_1.x86_64.rpm\nphp-pdo-5.4.16-36.el7_1.x86_64.rpm\nphp-pgsql-5.4.16-36.el7_1.x86_64.rpm\nphp-process-5.4.16-36.el7_1.x86_64.rpm\nphp-recode-5.4.16-36.el7_1.x86_64.rpm\nphp-soap-5.4.16-36.el7_1.x86_64.rpm\nphp-xml-5.4.16-36.el7_1.x86_64.rpm\nphp-xmlrpc-5.4.16-36.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nphp-5.4.16-36.ael7b_1.src.rpm\n\nppc64le:\nphp-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-cli-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-common-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-debuginfo-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-gd-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-ldap-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-mysql-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-odbc-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-pdo-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-pgsql-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-process-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-recode-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-soap-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-xml-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-xmlrpc-5.4.16-36.ael7b_1.ppc64le.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nphp-bcmath-5.4.16-36.el7_1.ppc64.rpm\nphp-dba-5.4.16-36.el7_1.ppc64.rpm\nphp-debuginfo-5.4.16-36.el7_1.ppc64.rpm\nphp-devel-5.4.16-36.el7_1.ppc64.rpm\nphp-embedded-5.4.16-36.el7_1.ppc64.rpm\nphp-enchant-5.4.16-36.el7_1.ppc64.rpm\nphp-fpm-5.4.16-36.el7_1.ppc64.rpm\nphp-intl-5.4.16-36.el7_1.ppc64.rpm\nphp-mbstring-5.4.16-36.el7_1.ppc64.rpm\nphp-mysqlnd-5.4.16-36.el7_1.ppc64.rpm\nphp-pspell-5.4.16-36.el7_1.ppc64.rpm\nphp-snmp-5.4.16-36.el7_1.ppc64.rpm\n\ns390x:\nphp-bcmath-5.4.16-36.el7_1.s390x.rpm\nphp-dba-5.4.16-36.el7_1.s390x.rpm\nphp-debuginfo-5.4.16-36.el7_1.s390x.rpm\nphp-devel-5.4.16-36.el7_1.s390x.rpm\nphp-embedded-5.4.16-36.el7_1.s390x.rpm\nphp-enchant-5.4.16-36.el7_1.s390x.rpm\nphp-fpm-5.4.16-36.el7_1.s390x.rpm\nphp-intl-5.4.16-36.el7_1.s390x.rpm\nphp-mbstring-5.4.16-36.el7_1.s390x.rpm\nphp-mysqlnd-5.4.16-36.el7_1.s390x.rpm\nphp-pspell-5.4.16-36.el7_1.s390x.rpm\nphp-snmp-5.4.16-36.el7_1.s390x.rpm\n\nx86_64:\nphp-bcmath-5.4.16-36.el7_1.x86_64.rpm\nphp-dba-5.4.16-36.el7_1.x86_64.rpm\nphp-debuginfo-5.4.16-36.el7_1.x86_64.rpm\nphp-devel-5.4.16-36.el7_1.x86_64.rpm\nphp-embedded-5.4.16-36.el7_1.x86_64.rpm\nphp-enchant-5.4.16-36.el7_1.x86_64.rpm\nphp-fpm-5.4.16-36.el7_1.x86_64.rpm\nphp-intl-5.4.16-36.el7_1.x86_64.rpm\nphp-mbstring-5.4.16-36.el7_1.x86_64.rpm\nphp-mysqlnd-5.4.16-36.el7_1.x86_64.rpm\nphp-pspell-5.4.16-36.el7_1.x86_64.rpm\nphp-snmp-5.4.16-36.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64le:\nphp-bcmath-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-dba-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-debuginfo-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-devel-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-embedded-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-enchant-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-fpm-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-intl-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-mbstring-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-mysqlnd-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-pspell-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-snmp-5.4.16-36.ael7b_1.ppc64le.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nphp-5.4.16-36.el7_1.src.rpm\n\nx86_64:\nphp-5.4.16-36.el7_1.x86_64.rpm\nphp-cli-5.4.16-36.el7_1.x86_64.rpm\nphp-common-5.4.16-36.el7_1.x86_64.rpm\nphp-debuginfo-5.4.16-36.el7_1.x86_64.rpm\nphp-gd-5.4.16-36.el7_1.x86_64.rpm\nphp-ldap-5.4.16-36.el7_1.x86_64.rpm\nphp-mysql-5.4.16-36.el7_1.x86_64.rpm\nphp-odbc-5.4.16-36.el7_1.x86_64.rpm\nphp-pdo-5.4.16-36.el7_1.x86_64.rpm\nphp-pgsql-5.4.16-36.el7_1.x86_64.rpm\nphp-process-5.4.16-36.el7_1.x86_64.rpm\nphp-recode-5.4.16-36.el7_1.x86_64.rpm\nphp-soap-5.4.16-36.el7_1.x86_64.rpm\nphp-xml-5.4.16-36.el7_1.x86_64.rpm\nphp-xmlrpc-5.4.16-36.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nphp-bcmath-5.4.16-36.el7_1.x86_64.rpm\nphp-dba-5.4.16-36.el7_1.x86_64.rpm\nphp-debuginfo-5.4.16-36.el7_1.x86_64.rpm\nphp-devel-5.4.16-36.el7_1.x86_64.rpm\nphp-embedded-5.4.16-36.el7_1.x86_64.rpm\nphp-enchant-5.4.16-36.el7_1.x86_64.rpm\nphp-fpm-5.4.16-36.el7_1.x86_64.rpm\nphp-intl-5.4.16-36.el7_1.x86_64.rpm\nphp-mbstring-5.4.16-36.el7_1.x86_64.rpm\nphp-mysqlnd-5.4.16-36.el7_1.x86_64.rpm\nphp-pspell-5.4.16-36.el7_1.x86_64.rpm\nphp-snmp-5.4.16-36.el7_1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2014-8142\nhttps://access.redhat.com/security/cve/CVE-2014-9652\nhttps://access.redhat.com/security/cve/CVE-2014-9705\nhttps://access.redhat.com/security/cve/CVE-2014-9709\nhttps://access.redhat.com/security/cve/CVE-2015-0231\nhttps://access.redhat.com/security/cve/CVE-2015-0232\nhttps://access.redhat.com/security/cve/CVE-2015-0273\nhttps://access.redhat.com/security/cve/CVE-2015-2301\nhttps://access.redhat.com/security/cve/CVE-2015-2348\nhttps://access.redhat.com/security/cve/CVE-2015-2783\nhttps://access.redhat.com/security/cve/CVE-2015-2787\nhttps://access.redhat.com/security/cve/CVE-2015-3307\nhttps://access.redhat.com/security/cve/CVE-2015-3329\nhttps://access.redhat.com/security/cve/CVE-2015-3330\nhttps://access.redhat.com/security/cve/CVE-2015-3411\nhttps://access.redhat.com/security/cve/CVE-2015-3412\nhttps://access.redhat.com/security/cve/CVE-2015-4021\nhttps://access.redhat.com/security/cve/CVE-2015-4022\nhttps://access.redhat.com/security/cve/CVE-2015-4024\nhttps://access.redhat.com/security/cve/CVE-2015-4025\nhttps://access.redhat.com/security/cve/CVE-2015-4026\nhttps://access.redhat.com/security/cve/CVE-2015-4147\nhttps://access.redhat.com/security/cve/CVE-2015-4148\nhttps://access.redhat.com/security/cve/CVE-2015-4598\nhttps://access.redhat.com/security/cve/CVE-2015-4599\nhttps://access.redhat.com/security/cve/CVE-2015-4600\nhttps://access.redhat.com/security/cve/CVE-2015-4601\nhttps://access.redhat.com/security/cve/CVE-2015-4602\nhttps://access.redhat.com/security/cve/CVE-2015-4603\nhttps://access.redhat.com/security/cve/CVE-2015-4604\nhttps://access.redhat.com/security/cve/CVE-2015-4605\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2015 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFViR1aXlSAg2UNWIIRAuxPAJ42GLQVzvzc9kje0VjDv8NZWcPv6QCbBL+O\ndtqycPWs+07GhjmZ6NNx5Bg=\n=FREZ\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. ============================================================================\nUbuntu Security Notice USN-2658-1\nJuly 06, 2015\n\nphp5 vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 15.04\n- Ubuntu 14.10\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in PHP. \n\nSoftware Description:\n- php5: HTML-embedded scripting language interpreter\n\nDetails:\n\nNeal Poole and Tomas Hoger discovered that PHP incorrectly handled NULL\nbytes in file paths. (CVE-2015-3411, CVE-2015-3412, CVE-2015-4025, CVE-2015-4026,\nCVE-2015-4598)\n\nEmmanuel Law discovered that the PHP phar extension incorrectly handled\nfilenames starting with a NULL byte. (CVE-2015-4021)\n\nMax Spelsberg discovered that PHP incorrectly handled the LIST command\nwhen connecting to remote FTP servers. (CVE-2015-4022,\nCVE-2015-4643)\n\nShusheng Liu discovered that PHP incorrectly handled certain malformed form\ndata. (CVE-2015-4024)\n\nAndrea Palazzo discovered that the PHP Soap client incorrectly validated\ndata types. (CVE-2015-4147)\n\nAndrea Palazzo discovered that the PHP Soap client incorrectly validated\nthat the uri property is a string. A remote attacker could possibly use these issues to\nobtain sensitive information or cause a denial of service. This issue only affected Ubuntu\n15.04. (CVE-2015-4644)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 15.04:\n libapache2-mod-php5 5.6.4+dfsg-4ubuntu6.2\n php5-cgi 5.6.4+dfsg-4ubuntu6.2\n php5-cli 5.6.4+dfsg-4ubuntu6.2\n php5-fpm 5.6.4+dfsg-4ubuntu6.2\n\nUbuntu 14.10:\n libapache2-mod-php5 5.5.12+dfsg-2ubuntu4.6\n php5-cgi 5.5.12+dfsg-2ubuntu4.6\n php5-cli 5.5.12+dfsg-2ubuntu4.6\n php5-fpm 5.5.12+dfsg-2ubuntu4.6\n\nUbuntu 14.04 LTS:\n libapache2-mod-php5 5.5.9+dfsg-1ubuntu4.11\n php5-cgi 5.5.9+dfsg-1ubuntu4.11\n php5-cli 5.5.9+dfsg-1ubuntu4.11\n php5-fpm 5.5.9+dfsg-1ubuntu4.11\n\nUbuntu 12.04 LTS:\n libapache2-mod-php5 5.3.10-1ubuntu3.19\n php5-cgi 5.3.10-1ubuntu3.19\n php5-cli 5.3.10-1ubuntu3.19\n php5-fpm 5.3.10-1ubuntu3.19\n\nIn general, a standard system update will make all the necessary changes. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201606-10\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: PHP: Multiple vulnerabilities\n Date: June 19, 2016\n Bugs: #537586, #541098, #544186, #544330, #546872, #549538,\n #552408, #555576, #555830, #556952, #559612, #562882,\n #571254, #573892, #577376\n ID: 201606-10\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in PHP, the worst of which\ncould lead to arbitrary code execution, or cause a Denial of Service\ncondition. \n\nBackground\n==========\n\nPHP is a widely-used general-purpose scripting language that is\nespecially suited for Web development and can be embedded into HTML. Please review the\nCVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll PHP 5.4 users should upgrade to the latest 5.5 stable branch, as\nPHP 5.4 is now masked in Portage:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev=lang/php-5.5.33\"\n\nAll PHP 5.5 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev=lang/php-5.5.33\"\n\nAll PHP 5.6 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev=lang/php-5.6.19\"\n\nReferences\n==========\n\n[ 1 ] CVE-2013-6501\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6501\n[ 2 ] CVE-2014-9705\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9705\n[ 3 ] CVE-2014-9709\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9709\n[ 4 ] CVE-2015-0231\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0231\n[ 5 ] CVE-2015-0273\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0273\n[ 6 ] CVE-2015-1351\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1351\n[ 7 ] CVE-2015-1352\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1352\n[ 8 ] CVE-2015-2301\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2301\n[ 9 ] CVE-2015-2348\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2348\n[ 10 ] CVE-2015-2783\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2783\n[ 11 ] CVE-2015-2787\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2787\n[ 12 ] CVE-2015-3329\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3329\n[ 13 ] CVE-2015-3330\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3330\n[ 14 ] CVE-2015-4021\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4021\n[ 15 ] CVE-2015-4022\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4022\n[ 16 ] CVE-2015-4025\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4025\n[ 17 ] CVE-2015-4026\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4026\n[ 18 ] CVE-2015-4147\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4147\n[ 19 ] CVE-2015-4148\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4148\n[ 20 ] CVE-2015-4642\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4642\n[ 21 ] CVE-2015-4643\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4643\n[ 22 ] CVE-2015-4644\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4644\n[ 23 ] CVE-2015-6831\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6831\n[ 24 ] CVE-2015-6832\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6832\n[ 25 ] CVE-2015-6833\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6833\n[ 26 ] CVE-2015-6834\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6834\n[ 27 ] CVE-2015-6835\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6835\n[ 28 ] CVE-2015-6836\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6836\n[ 29 ] CVE-2015-6837\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6837\n[ 30 ] CVE-2015-6838\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6838\n[ 31 ] CVE-2015-7803\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7803\n[ 32 ] CVE-2015-7804\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7804\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201606-10\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-4026"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003052"
},
{
"db": "BID",
"id": "75056"
},
{
"db": "VULHUB",
"id": "VHN-81987"
},
{
"db": "VULMON",
"id": "CVE-2015-4026"
},
{
"db": "PACKETSTORM",
"id": "132440"
},
{
"db": "PACKETSTORM",
"id": "132406"
},
{
"db": "PACKETSTORM",
"id": "132619"
},
{
"db": "PACKETSTORM",
"id": "132531"
},
{
"db": "PACKETSTORM",
"id": "132442"
},
{
"db": "PACKETSTORM",
"id": "137539"
}
],
"trust": 2.61
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2015-4026",
"trust": 3.5
},
{
"db": "BID",
"id": "75056",
"trust": 2.1
},
{
"db": "SECTRACK",
"id": "1032431",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003052",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201506-132",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-81987",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-4026",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132440",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132406",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132619",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132531",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132442",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "137539",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81987"
},
{
"db": "VULMON",
"id": "CVE-2015-4026"
},
{
"db": "BID",
"id": "75056"
},
{
"db": "PACKETSTORM",
"id": "132440"
},
{
"db": "PACKETSTORM",
"id": "132406"
},
{
"db": "PACKETSTORM",
"id": "132619"
},
{
"db": "PACKETSTORM",
"id": "132531"
},
{
"db": "PACKETSTORM",
"id": "132442"
},
{
"db": "PACKETSTORM",
"id": "137539"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-132"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003052"
},
{
"db": "NVD",
"id": "CVE-2015-4026"
}
]
},
"id": "VAR-201506-0268",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-81987"
}
],
"trust": 0.01
},
"last_update_date": "2026-04-10T22:34:06.025000Z",
"patch": {
"_id": null,
"data": [
{
"title": "APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"title": "HT205031",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT205031"
},
{
"title": "HT205031",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/HT205031"
},
{
"title": "Sec Bug #68598",
"trust": 0.8,
"url": "https://bugs.php.net/bug.php?id=68598"
},
{
"title": "PHP 5 ChangeLog",
"trust": 0.8,
"url": "http://php.net/ChangeLog-5.php"
},
{
"title": "TLSA-2015-15",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2015/TLSA-2015-15j.html"
},
{
"title": "Debian Security Advisories: DSA-3280-1 php5 -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=46f85ac4e3abfa7a18e115fb47892db6"
},
{
"title": "Amazon Linux AMI: ALAS-2015-535",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2015-535"
},
{
"title": "Amazon Linux AMI: ALAS-2015-534",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2015-534"
},
{
"title": "Amazon Linux AMI: ALAS-2015-536",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2015-536"
},
{
"title": "Ubuntu Security Notice: php5 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2658-1"
},
{
"title": "Apple: OS X Yosemite v10.10.5 and Security Update 2015-006",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=9834d0d73bf28fb80d3390930bafd906"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=a22ad41e97bbfc5abb0bb927bf43089c"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - January 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=8ad80411af3e936eb2998df70506cc71"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-4026"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003052"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-19",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81987"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003052"
},
{
"db": "NVD",
"id": "CVE-2015-4026"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.2,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1135.html"
},
{
"trust": 2.1,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"trust": 2.1,
"url": "https://bugs.php.net/bug.php?id=68598"
},
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/201606-10"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1186.html"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1187.html"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1219.html"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce/2015/aug/msg00001.html"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/75056"
},
{
"trust": 1.8,
"url": "http://php.net/changelog-5.php"
},
{
"trust": 1.8,
"url": "https://support.apple.com/kb/ht205031"
},
{
"trust": 1.8,
"url": "http://www.debian.org/security/2015/dsa-3280"
},
{
"trust": 1.8,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-may/158616.html"
},
{
"trust": 1.8,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-may/159031.html"
},
{
"trust": 1.8,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-may/158915.html"
},
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1218.html"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1032431"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-4026"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-4026"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4021"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4025"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4026"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4022"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4598"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4024"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3411"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2015-4024"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3330"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2015-4021"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2015-4022"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3412"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2015-4026"
},
{
"trust": 0.4,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4602"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2015-4598"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2015-4025"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3329"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2783"
},
{
"trust": 0.3,
"url": "http://www.php.net"
},
{
"trust": 0.3,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1223422"
},
{
"trust": 0.3,
"url": "http://prod.lists.apple.com/archives/security-announce/2015/aug/msg00001.html"
},
{
"trust": 0.3,
"url": "https://www.oracle.com/technetwork/topics/security/bulletinjul2017-3814622.html"
},
{
"trust": 0.3,
"url": "https://www.alienvault.com/forums/discussion/6075/security-advisory-alienvault-v5-2-addresses-55-vulnerabilities"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5099196"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5098669"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4605"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2015-4603"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2015-4604"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2015-3330"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2015-3307"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2015-3411"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2015-2783"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2015-4602"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3307"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2015-3412"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4604"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2015-3329"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2015-4605"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4603"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4148"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4147"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4601"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4600"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0231"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2348"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9705"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4599"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2301"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2787"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9709"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0273"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4644"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4643"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/19.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=39140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2658-1/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8142"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-4600"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-4147"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-4148"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0232"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-0232"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-0273"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-9705"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-4599"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-2787"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-4601"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-2301"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-2348"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-8142"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-9709"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9652"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-9652"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-0231"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/php5/5.6.4+dfsg-4ubuntu6.2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/php5/5.5.9+dfsg-1ubuntu4.11"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/php5/5.5.12+dfsg-2ubuntu4.6"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-2658-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/php5/5.3.10-1ubuntu3.19"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-2301"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1352"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-2348"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4022"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6836"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-9709"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4026"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6836"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6831"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0273"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4021"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7804"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4643"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-6501"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6834"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6835"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4642"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1351"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1352"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6832"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6832"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6831"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6835"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-3330"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6838"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4642"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-2787"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4148"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-6501"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4147"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-2783"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-3329"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7803"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6837"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1351"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6833"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4025"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4644"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-9705"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6834"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0231"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6833"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81987"
},
{
"db": "VULMON",
"id": "CVE-2015-4026"
},
{
"db": "BID",
"id": "75056"
},
{
"db": "PACKETSTORM",
"id": "132440"
},
{
"db": "PACKETSTORM",
"id": "132406"
},
{
"db": "PACKETSTORM",
"id": "132619"
},
{
"db": "PACKETSTORM",
"id": "132531"
},
{
"db": "PACKETSTORM",
"id": "132442"
},
{
"db": "PACKETSTORM",
"id": "137539"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-132"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003052"
},
{
"db": "NVD",
"id": "CVE-2015-4026"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULHUB",
"id": "VHN-81987",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2015-4026",
"ident": null
},
{
"db": "BID",
"id": "75056",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132440",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132406",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132619",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132531",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132442",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "137539",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201506-132",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003052",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2015-4026",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2015-06-09T00:00:00",
"db": "VULHUB",
"id": "VHN-81987",
"ident": null
},
{
"date": "2015-06-09T00:00:00",
"db": "VULMON",
"id": "CVE-2015-4026",
"ident": null
},
{
"date": "2015-05-14T00:00:00",
"db": "BID",
"id": "75056",
"ident": null
},
{
"date": "2015-06-25T14:18:12",
"db": "PACKETSTORM",
"id": "132440",
"ident": null
},
{
"date": "2015-06-23T14:07:16",
"db": "PACKETSTORM",
"id": "132406",
"ident": null
},
{
"date": "2015-07-09T23:16:26",
"db": "PACKETSTORM",
"id": "132619",
"ident": null
},
{
"date": "2015-07-07T00:23:34",
"db": "PACKETSTORM",
"id": "132531",
"ident": null
},
{
"date": "2015-06-25T14:18:25",
"db": "PACKETSTORM",
"id": "132442",
"ident": null
},
{
"date": "2016-06-19T15:55:00",
"db": "PACKETSTORM",
"id": "137539",
"ident": null
},
{
"date": "2015-06-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201506-132",
"ident": null
},
{
"date": "2015-06-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003052",
"ident": null
},
{
"date": "2015-06-09T18:59:08.597000",
"db": "NVD",
"id": "CVE-2015-4026",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2019-04-22T00:00:00",
"db": "VULHUB",
"id": "VHN-81987",
"ident": null
},
{
"date": "2019-04-22T00:00:00",
"db": "VULMON",
"id": "CVE-2015-4026",
"ident": null
},
{
"date": "2017-07-21T13:07:00",
"db": "BID",
"id": "75056",
"ident": null
},
{
"date": "2019-04-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201506-132",
"ident": null
},
{
"date": "2015-08-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003052",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-4026",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "132440"
},
{
"db": "PACKETSTORM",
"id": "132406"
},
{
"db": "PACKETSTORM",
"id": "132531"
},
{
"db": "PACKETSTORM",
"id": "132442"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-132"
}
],
"trust": 1.0
},
"title": {
"_id": null,
"data": "PHP of pcntl_exec Vulnerability that can prevent extension restrictions in the implementation of",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003052"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201506-132"
}
],
"trust": 0.6
}
}
VAR-201109-0211
Vulnerability from variot - Updated: 2026-04-10 22:32Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the focus controller. Used in multiple products Webkit There is a service disruption (DoS) There are vulnerabilities that can be in a state or are otherwise unaffected.Service disruption by a third party (DoS) You may be put into a state or affected by other details. Google Chrome is prone to multiple vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of the browser, cause denial-of-service conditions, perform spoofing attacks, and bypass the same-origin policy; other attacks may also be possible. Versions prior to Chrome 14.0.835.163 are vulnerable. Google Chrome is a web browser developed by Google (Google). These could be used in a malicious web site to direct the user to a spoofed site that visually appears to be a legitimate domain. This issue is addressed through an improved domain name validity check. This issue does not affect OS X systems. Third-party websites could set cookies if the "Block Cookies" preference in Safari was set to the default setting of "From third parties and advertisers". CVE-ID CVE-2012-0640 : nshah
WebKit Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later Impact: HTTP authentication credentials may be inadvertently disclosed to another site Description: If a site uses HTTP authentication and redirects to another site, the authentication credentials may be sent to the other site. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
APPLE-SA-2012-03-07-2 iOS 5.1 Software Update
iOS 5.1 Software Update is now available and addresses the following:
CFNetwork Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website may lead to the disclosure of sensitive information Description: An issue existed in CFNetwork's handling of malformed URLs. When accessing a maliciously crafted URL, CFNetwork could send unexpected request headers. CVE-ID CVE-2012-0641 : Erling Ellingsen of Facebook
HFS Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Mounting a maliciously crafted disk image may lead to a device shutdown or arbitrary code execution Description: An integer underflow existed with the handling of HFS catalog files. CVE-ID CVE-2012-0642 : pod2g
Kernel Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: A malicious program could bypass sandbox restrictions Description: A logic issue existed in the handling of debug system calls. This may allow a malicious program to gain code execution in other programs with the same user privileges. CVE-ID CVE-2012-0643 : 2012 iOS Jailbreak Dream Team
libresolv Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Applications that use the libresolv library may be vulnerable to an unexpected application termination or arbitrary code execution Description: An integer overflow existed in the handling of DNS resource records, which may lead to heap memory corruption. CVE-ID CVE-2011-3453 : Ilja van Sprundel of IOActive
Passcode Lock Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: A person with physical access to the device may be able to bypass the screen lock Description: A race condition issue existed in the handling of slide to dial gestures. This may allow a person with physical access to the device to bypass the Passcode Lock screen. CVE-ID CVE-2012-0644 : Roland Kohler of the German Federal Ministry of Economics and Technology
Safari Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Web page visits may be recorded in browser history even when Private Browsing is active Description: Safari's Private Browsing is designed to prevent recording of a browsing session. Pages visited as a result of a site using the JavaScript methods pushState or replaceState were recorded in the browser history even when Private Browsing mode was active. This issue is addressed by not recording such visits when Private Browsing is active. CVE-ID CVE-2012-0585 : Eric Melville of American Express
Siri Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: An attacker with physical access to a locked phone could get access to frontmost email message Description: A design issue existed in Siri's lock screen restrictions. If Siri was enabled for use on the lock screen, and Mail was open with a message selected behind the lock screen, a voice command could be used to send that message to an arbitrary recipient. This issue is addressed by disabling forwarding of active messages from the lock screen. CVE-ID CVE-2012-0645
VPN Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: A maliciously crafted system configuration file may lead to arbitrary code execution with system privileges Description: A format string vulnerability existed in the handling of racoon configuration files. CVE-ID CVE-2012-0646 : pod2g
WebKit Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website may lead to the disclosure of cookies Description: A cross-origin issue existed in WebKit, which may allow cookies to be disclosed across origins. CVE-ID CVE-2011-3887 : Sergey Glazunov
WebKit Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website and dragging content with the mouse may lead to a cross-site scripting attack Description: A cross-origin issue existed in WebKit, which may allow content to be dragged and dropped across origins. CVE-ID CVE-2012-0590 : Adam Barth of Google Chrome Security Team
WebKit Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: Multiple cross-origin issues existed in WebKit. CVE-ID CVE-2011-3881 : Sergey Glazunov CVE-2012-0586 : Sergey Glazunov CVE-2012-0587 : Sergey Glazunov CVE-2012-0588 : Jochen Eisinger of Google Chrome Team CVE-2012-0589 : Alan Austin of polyvore.com
WebKit Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. CVE-ID CVE-2011-2825 : wushi of team509 working with TippingPoint's Zero Day Initiative CVE-2011-2833 : Apple CVE-2011-2846 : Arthur Gerkis, miaubiz CVE-2011-2847 : miaubiz, Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2854 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2855 : Arthur Gerkis, wushi of team509 working with iDefense VCP CVE-2011-2857 : miaubiz CVE-2011-2860 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2867 : Dirk Schulze CVE-2011-2868 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2869 : Cris Neckar of Google Chrome Security Team using AddressSanitizer CVE-2011-2870 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2871 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2872 : Abhishek Arya (Inferno) and Cris Neckar of Google Chrome Security Team using AddressSanitizer CVE-2011-2873 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2877 : miaubiz CVE-2011-3885 : miaubiz CVE-2011-3888 : miaubiz CVE-2011-3897 : pa_kt working with TippingPoint's Zero Day Initiative CVE-2011-3908 : Aki Helin of OUSPG CVE-2011-3909 : Google Chrome Security Team (scarybeasts) and Chu CVE-2011-3928 : wushi of team509 working with TippingPoint's Zero Day Initiative CVE-2012-0591 : miaubiz, and Martin Barbella CVE-2012-0592 : Alexander Gavrun working with TippingPoint's Zero Day Initiative CVE-2012-0593 : Lei Zhang of the Chromium development community CVE-2012-0594 : Adam Klein of the Chromium development community CVE-2012-0595 : Apple CVE-2012-0596 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0597 : miaubiz CVE-2012-0598 : Sergey Glazunov CVE-2012-0599 : Dmytro Gorbunov of SaveSources.com CVE-2012-0600 : Marshall Greenblatt, Dharani Govindan of Google Chrome, miaubiz, Aki Helin of OUSPG, Apple CVE-2012-0601 : Apple CVE-2012-0602 : Apple CVE-2012-0603 : Apple CVE-2012-0604 : Apple CVE-2012-0605 : Apple CVE-2012-0606 : Apple CVE-2012-0607 : Apple CVE-2012-0608 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0609 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0610 : miaubiz, Martin Barbella using AddressSanitizer CVE-2012-0611 : Martin Barbella using AddressSanitizer CVE-2012-0612 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0613 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0614 : miaubiz, Martin Barbella using AddressSanitizer CVE-2012-0615 : Martin Barbella using AddressSanitizer CVE-2012-0616 : miaubiz CVE-2012-0617 : Martin Barbella using AddressSanitizer CVE-2012-0618 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0619 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0620 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0621 : Martin Barbella using AddressSanitizer CVE-2012-0622 : Dave Levin and Abhishek Arya of the Google Chrome Security Team CVE-2012-0623 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0624 : Martin Barbella using AddressSanitizer CVE-2012-0625 : Martin Barbella CVE-2012-0626 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0627 : Apple CVE-2012-0628 : Slawomir Blazek, miaubiz, Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0629 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2012-0630 : Sergio Villar Senin of Igalia CVE-2012-0631 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2012-0632 : Cris Neckar of the Google Chrome Security Team using AddressSanitizer CVE-2012-0633 : Apple CVE-2012-0635 : Julien Chaffraix of the Chromium development community, Martin Barbella using AddressSanitizer
Installation note:
This update is only available through iTunes, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/
iTunes will automatically check Apple's update server on its weekly schedule. When an update is detected, it will download it. When the iPhone, iPod touch or iPad is docked, iTunes will present the user with the option to install the update. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iPhone, iPod touch, or iPad.
The automatic update process may take up to a week depending on the day that iTunes checks for updates. You may manually obtain the update via the Check for Updates button within iTunes. After doing this, the update can be applied when your iPhone, iPod touch, or iPad is docked to your computer.
To check that the iPhone, iPod touch, or iPad has been updated:
- Navigate to Settings
- Select General
- Select About. The version after applying this update will be "5.1".
Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.16 (Darwin)
iQEcBAEBAgAGBQJPV6M3AAoJEGnF2JsdZQeef/cIAKBSn0czLzJO9fu6ZyjLRvxq 4pIZgfyEVGBzpn+9IeiGFTkkVf+bOsA+Q3RlcsG5g0RlbyFgnuWu59HHsnkrElbM bCfnnTF5eYZX/3fnLzxpX7BUsEona3nf1gHfR24OeEn36C8rZ6rZJfMLqCJNNZGY RDSga1oeMN/AbgZuR9sYKudkE0GOmkLZfR2G4WXmrU+JncR6XoROUwoJBPhg8z90 HAxgDEbduuLLOSe7CHLS3apbh0L2tmxPCWpiBmEMg6PTlFF0HhJQJ0wusrUc8nX6 7TDsAho73wCOpChzBGQeemc6+UEN2uDmUgwVkN6n4D/qN1u6E+d3coUXOlb8hIY= =qPeE -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201111-01
http://security.gentoo.org/
Severity: High Title: Chromium, V8: Multiple vulnerabilities Date: November 01, 2011 Bugs: #351525, #353626, #354121, #356933, #357963, #358581, #360399, #363629, #365125, #366335, #367013, #368649, #370481, #373451, #373469, #377475, #377629, #380311, #380897, #381713, #383251, #385649, #388461 ID: 201111-01
Synopsis
Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code and local root privilege escalation.
Background
Chromium is an open-source web browser project. V8 is Google's open source JavaScript engine.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-client/chromium < 15.0.874.102 >= 15.0.874.102 2 dev-lang/v8 < 3.5.10.22 >= 3.5.10.22 ------------------------------------------------------------------- 2 affected packages -------------------------------------------------------------------
Description
Multiple vulnerabilities have been discovered in Chromium and V8. Please review the CVE identifiers and release notes referenced below for details.
Impact
A local attacker could gain root privileges (CVE-2011-1444, fixed in chromium-11.0.696.57).
A context-dependent attacker could entice a user to open a specially crafted web site or JavaScript program using Chromium or V8, possibly resulting in the execution of arbitrary code with the privileges of the process, or a Denial of Service condition.
Workaround
There is no known workaround at this time.
Resolution
All Chromium users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-client/chromium-15.0.874.102"
All V8 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-lang/v8-3.5.10.22"
References
[ 1 ] CVE-2011-2345 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2345 [ 2 ] CVE-2011-2346 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2346 [ 3 ] CVE-2011-2347 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2347 [ 4 ] CVE-2011-2348 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2348 [ 5 ] CVE-2011-2349 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2349 [ 6 ] CVE-2011-2350 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2350 [ 7 ] CVE-2011-2351 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2351 [ 8 ] CVE-2011-2834 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2834 [ 9 ] CVE-2011-2835 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2835 [ 10 ] CVE-2011-2837 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2837 [ 11 ] CVE-2011-2838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2838 [ 12 ] CVE-2011-2839 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2839 [ 13 ] CVE-2011-2840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2840 [ 14 ] CVE-2011-2841 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2841 [ 15 ] CVE-2011-2843 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2843 [ 16 ] CVE-2011-2844 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2844 [ 17 ] CVE-2011-2845 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2845 [ 18 ] CVE-2011-2846 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2846 [ 19 ] CVE-2011-2847 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2847 [ 20 ] CVE-2011-2848 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2848 [ 21 ] CVE-2011-2849 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2849 [ 22 ] CVE-2011-2850 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2850 [ 23 ] CVE-2011-2851 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2851 [ 24 ] CVE-2011-2852 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2852 [ 25 ] CVE-2011-2853 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2853 [ 26 ] CVE-2011-2854 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2854 [ 27 ] CVE-2011-2855 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2855 [ 28 ] CVE-2011-2856 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2856 [ 29 ] CVE-2011-2857 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2857 [ 30 ] CVE-2011-2858 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2858 [ 31 ] CVE-2011-2859 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2859 [ 32 ] CVE-2011-2860 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2860 [ 33 ] CVE-2011-2861 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2861 [ 34 ] CVE-2011-2862 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2862 [ 35 ] CVE-2011-2864 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2864 [ 36 ] CVE-2011-2874 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2874 [ 37 ] CVE-2011-3234 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3234 [ 38 ] CVE-2011-3873 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3873 [ 39 ] CVE-2011-3875 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3875 [ 40 ] CVE-2011-3876 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3876 [ 41 ] CVE-2011-3877 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3877 [ 42 ] CVE-2011-3878 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3878 [ 43 ] CVE-2011-3879 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3879 [ 44 ] CVE-2011-3880 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3880 [ 45 ] CVE-2011-3881 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3881 [ 46 ] CVE-2011-3882 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3882 [ 47 ] CVE-2011-3883 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3883 [ 48 ] CVE-2011-3884 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3884 [ 49 ] CVE-2011-3885 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3885 [ 50 ] CVE-2011-3886 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3886 [ 51 ] CVE-2011-3887 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3887 [ 52 ] CVE-2011-3888 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3888 [ 53 ] CVE-2011-3889 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3889 [ 54 ] CVE-2011-3890 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3890 [ 55 ] CVE-2011-3891 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3891 [ 56 ] Release Notes 10.0.648.127 http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html [ 57 ] Release Notes 10.0.648.133 http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html [ 58 ] Release Notes 10.0.648.205 http://googlechromereleases.blogspot.com/2011/04/stable-channel-update.html [ 59 ] Release Notes 11.0.696.57 http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html [ 60 ] Release Notes 11.0.696.65 http://googlechromereleases.blogspot.com/2011/05/beta-and-stable-channel-update.html [ 61 ] Release Notes 11.0.696.68 http://googlechromereleases.blogspot.com/2011/05/stable-channel-update.html [ 62 ] Release Notes 11.0.696.71 http://googlechromereleases.blogspot.com/2011/05/stable-channel-update_24.html [ 63 ] Release Notes 12.0.742.112 http://googlechromereleases.blogspot.com/2011/06/stable-channel-update_28.html [ 64 ] Release Notes 12.0.742.91 http://googlechromereleases.blogspot.com/2011/06/chrome-stable-release.html [ 65 ] Release Notes 13.0.782.107 http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html [ 66 ] Release Notes 13.0.782.215 http://googlechromereleases.blogspot.com/2011/08/stable-channel-update_22.html [ 67 ] Release Notes 13.0.782.220 http://googlechromereleases.blogspot.com/2011/09/stable-channel-update.html [ 68 ] Release Notes 14.0.835.163 http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html [ 69 ] Release Notes 14.0.835.202 http://googlechromereleases.blogspot.com/2011/10/stable-channel-update.html [ 70 ] Release Notes 15.0.874.102 http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html [ 71 ] Release Notes 8.0.552.237 http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html [ 72 ] Release Notes 9.0.597.107 http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_28.html [ 73 ] Release Notes 9.0.597.84 http://googlechromereleases.blogspot.com/2011/02/stable-channel-update.html [ 74 ] Release Notes 9.0.597.94 http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_08.html
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201111-01.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "chrome",
"scope": "lt",
"trust": 1.8,
"vendor": "google",
"version": "14.0.835.163"
},
{
"_id": null,
"model": "itunes",
"scope": "lt",
"trust": 1.8,
"vendor": "apple",
"version": "10.6"
},
{
"_id": null,
"model": "safari",
"scope": "lt",
"trust": 1.8,
"vendor": "apple",
"version": "5.1.4"
},
{
"_id": null,
"model": "iphone os",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "5.1"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6.8"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.7.3"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6.8"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.7.3"
},
{
"_id": null,
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "5.1 (ipad and ipad 2)"
},
{
"_id": null,
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "5.1 (iphone 3gs)"
},
{
"_id": null,
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "5.1 (iphone 4)"
},
{
"_id": null,
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "5.1 (iphone 4s)"
},
{
"_id": null,
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "5.1 (ipod touch (3rd generation) or later )"
},
{
"_id": null,
"model": "ipad",
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"_id": null,
"model": "iphone",
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"_id": null,
"model": "ipod touch",
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "8.0.552.28"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "8.0.552.27"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "9.0.573.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "8.0.552.26"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "8.0.552.35"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "8.0.552.29"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "8.0.552.42"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "8.0.552.23"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "8.0.552.40"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "8.0.552.24"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.100"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.5"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.0"
},
{
"_id": null,
"model": "itunes",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "10.6"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.1"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.539.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.529.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.203"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1.1"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.105"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.499.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.10"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.39"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.507.1"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.213"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.306"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.530.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.208"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.507.2"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.18"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.4"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.1"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.15"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.10"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.127"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.225"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.8"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.20"
},
{
"_id": null,
"model": "esx",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.535.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.514.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9.0.597.107"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.219"
},
{
"_id": null,
"model": "aura system platform sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.218"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.217"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.27"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.7"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.518.0"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.38"
},
{
"_id": null,
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.2"
},
{
"_id": null,
"model": "meeting exchange sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.5"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.536.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.23"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.77"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.11"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.2.1"
},
{
"_id": null,
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.209"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.226"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.37"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.3"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.531.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.26"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.8"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.7"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.2"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13.0.782.112"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "safari for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.216"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.344"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.512.0"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13.0.782.215"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.200"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.537.0"
},
{
"_id": null,
"model": "freeflow print server 73.c0.41",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.513.0"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.4"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.2.2"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.6"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"_id": null,
"model": "meeting exchange sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.57"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.3"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.0.2.20"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.303"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.506.0"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.5"
},
{
"_id": null,
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"_id": null,
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "esxi",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"_id": null,
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.211"
},
{
"_id": null,
"model": "voice portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.18"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.104"
},
{
"_id": null,
"model": "enterprise linux desktop version",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.12"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2011"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.511.4"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.503.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.521.0"
},
{
"_id": null,
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.507.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.520.0"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.528.0"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "ctpview",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.2"
},
{
"_id": null,
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.17"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.35"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.215"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.31"
},
{
"_id": null,
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.10"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.498.0"
},
{
"_id": null,
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.4"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.16"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.302"
},
{
"_id": null,
"model": "messaging storage server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.310"
},
{
"_id": null,
"model": "messaging storage server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.515.0"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.5"
},
{
"_id": null,
"model": "esxi",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.5"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.34"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.499.0"
},
{
"_id": null,
"model": "freeflow print server 73.b3.61",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.13"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "safari",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.511.2"
},
{
"_id": null,
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.1"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.4"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.529.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.503.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.24"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.33"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13.0.782.107"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "14"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.202"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.1"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.68"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.507.3"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.5.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.5"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.36"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.42"
},
{
"_id": null,
"model": "message networking sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.549.0"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.3"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.207"
},
{
"_id": null,
"model": "chrome",
"scope": "ne",
"trust": 0.3,
"vendor": "google",
"version": "14.0.835.163"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura system manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.516.0"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.3"
},
{
"_id": null,
"model": "messaging storage server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "esx",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.0"
},
{
"_id": null,
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.1"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"_id": null,
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.5"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.522.0"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9.0.597.94"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.2"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"_id": null,
"model": "enterprise linux hpc node optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.223"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.6"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.1.8"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.531.0"
},
{
"_id": null,
"model": "tv",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.536.4"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.3"
},
{
"_id": null,
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.28"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.30"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.6"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.204"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.3"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.551.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.128"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.19"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.301"
},
{
"_id": null,
"model": "ctpview",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.3"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.544.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.500.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.0"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.3"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.14"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.4"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.6"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.222"
},
{
"_id": null,
"model": "enterprise linux workstation optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.65"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.21"
},
{
"_id": null,
"model": "ctpview 7.0r1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.12"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.1"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "9"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.4"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.112"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.5"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.100"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.14"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.540.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.542.0"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.1"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"_id": null,
"model": "ctpview",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.5"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.529.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.6"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.7"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.510.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.547.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.536.2"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.2.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.9"
},
{
"_id": null,
"model": "itunes",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "10.5"
},
{
"_id": null,
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.4"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2011"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"_id": null,
"model": "safari beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"_id": null,
"model": "linux lts lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.13"
},
{
"_id": null,
"model": "ctpview",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.4"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.551.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.547.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.509.0"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"_id": null,
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.3"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.3"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.40"
},
{
"_id": null,
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12"
},
{
"_id": null,
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.514.1"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "safari beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.212"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.1"
},
{
"_id": null,
"model": "messaging storage server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"_id": null,
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.29"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.206"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.133"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.2"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.4"
},
{
"_id": null,
"model": "esxi",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.1"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.3"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.19"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.25"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.220"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.101"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.10"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1.2"
},
{
"_id": null,
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.7"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.8"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.0"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.511.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.531.1"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.20"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.43"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.1"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.5"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.300"
},
{
"_id": null,
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.4"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.535.1"
},
{
"_id": null,
"model": "enterprise linux server optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.10"
},
{
"_id": null,
"model": "aura conferencing sp1 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "safari for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.4"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.541.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.221"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.536.1"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "ctpview",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.6"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.524.0"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.102"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.17"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.307"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"_id": null,
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.2"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.6"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.205"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.16"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.204"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"_id": null,
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5"
},
{
"_id": null,
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.1"
},
{
"_id": null,
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.3"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.526.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.21"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.505.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.497.0"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "aura system platform sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"_id": null,
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.103"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.224"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.71"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.548.0"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"_id": null,
"model": "enterprise linux desktop optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.91"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.9"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.308"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9.0.597.84"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.210"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.550.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.525.0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "ios beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.4"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.500.0"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.309"
},
{
"_id": null,
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.214"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"_id": null,
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "10"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.201"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.11"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.32"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.22"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.672.2"
},
{
"_id": null,
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "6"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.43"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.504.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.44"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.304"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11"
},
{
"_id": null,
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.305"
},
{
"_id": null,
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0.1"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.3"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.237"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.41"
},
{
"_id": null,
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.3"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "aura conferencing standard",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "safari",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.4"
},
{
"_id": null,
"model": "esxi",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.205"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.1"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.536.3"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.2"
},
{
"_id": null,
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.538.0"
},
{
"_id": null,
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.519.0"
},
{
"_id": null,
"model": "messaging storage server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.2"
},
{
"_id": null,
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
}
],
"sources": [
{
"db": "BID",
"id": "49658"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-303"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002658"
},
{
"db": "NVD",
"id": "CVE-2011-2857"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:google:chrome",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:iphone_os",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:apple:ipad",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:apple:iphone",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:apple:ipod_touch",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:apple:itunes",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:apple:safari",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-002658"
}
]
},
"credits": {
"_id": null,
"data": "Ryan Sleevi of the Chromium development community, electronixtar, wbrana, Michal Zalewski of the Google Security Team, Kostya Serebryany of the Chromium development community, kuzzcc, Mario Gomes, Aaron Sigel of vtty.com, Kostya Serebryany of the Chromium",
"sources": [
{
"db": "BID",
"id": "49658"
}
],
"trust": 0.3
},
"cve": "CVE-2011-2857",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2011-2857",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2011-2857",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-50802",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-2857",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2011-2857",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201109-303",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-50802",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50802"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-303"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002658"
},
{
"db": "NVD",
"id": "CVE-2011-2857"
}
]
},
"description": {
"_id": null,
"data": "Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the focus controller. Used in multiple products Webkit There is a service disruption (DoS) There are vulnerabilities that can be in a state or are otherwise unaffected.Service disruption by a third party (DoS) You may be put into a state or affected by other details. Google Chrome is prone to multiple vulnerabilities. \nAttackers can exploit these issues to execute arbitrary code in the context of the browser, cause denial-of-service conditions, perform spoofing attacks, and bypass the same-origin policy; other attacks may also be possible. \nVersions prior to Chrome 14.0.835.163 are vulnerable. Google Chrome is a web browser developed by Google (Google). \nThese could be used in a malicious web site to direct the user to a\nspoofed site that visually appears to be a legitimate domain. This\nissue is addressed through an improved domain name validity check. \nThis issue does not affect OS X systems. Third-party websites could set cookies if the \"Block Cookies\"\npreference in Safari was set to the default setting of \"From third\nparties and advertisers\". \nCVE-ID\nCVE-2012-0640 : nshah\n\nWebKit\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista,\nXP SP2 or later\nImpact: HTTP authentication credentials may be inadvertently\ndisclosed to another site\nDescription: If a site uses HTTP authentication and redirects to\nanother site, the authentication credentials may be sent to the other\nsite. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2012-03-07-2 iOS 5.1 Software Update\n\niOS 5.1 Software Update is now available and addresses the following:\n\nCFNetwork\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: Visiting a maliciously crafted website may lead to the\ndisclosure of sensitive information\nDescription: An issue existed in CFNetwork\u0027s handling of malformed\nURLs. When accessing a maliciously crafted URL, CFNetwork could send\nunexpected request headers. \nCVE-ID\nCVE-2012-0641 : Erling Ellingsen of Facebook\n\nHFS\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: Mounting a maliciously crafted disk image may lead to a\ndevice shutdown or arbitrary code execution\nDescription: An integer underflow existed with the handling of HFS\ncatalog files. \nCVE-ID\nCVE-2012-0642 : pod2g\n\nKernel\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: A malicious program could bypass sandbox restrictions\nDescription: A logic issue existed in the handling of debug system\ncalls. This may allow a malicious program to gain code execution in\nother programs with the same user privileges. \nCVE-ID\nCVE-2012-0643 : 2012 iOS Jailbreak Dream Team\n\nlibresolv\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: Applications that use the libresolv library may be\nvulnerable to an unexpected application termination or arbitrary code\nexecution\nDescription: An integer overflow existed in the handling of DNS\nresource records, which may lead to heap memory corruption. \nCVE-ID\nCVE-2011-3453 : Ilja van Sprundel of IOActive\n\nPasscode Lock\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: A person with physical access to the device may be able to\nbypass the screen lock\nDescription: A race condition issue existed in the handling of slide\nto dial gestures. This may allow a person with physical access to the\ndevice to bypass the Passcode Lock screen. \nCVE-ID\nCVE-2012-0644 : Roland Kohler of the German Federal Ministry of\nEconomics and Technology\n\nSafari\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: Web page visits may be recorded in browser history even when\nPrivate Browsing is active\nDescription: Safari\u0027s Private Browsing is designed to prevent\nrecording of a browsing session. Pages visited as a result of a site\nusing the JavaScript methods pushState or replaceState were recorded\nin the browser history even when Private Browsing mode was active. \nThis issue is addressed by not recording such visits when Private\nBrowsing is active. \nCVE-ID\nCVE-2012-0585 : Eric Melville of American Express\n\nSiri\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: An attacker with physical access to a locked phone could get\naccess to frontmost email message\nDescription: A design issue existed in Siri\u0027s lock screen\nrestrictions. If Siri was enabled for use on the lock screen, and\nMail was open with a message selected behind the lock screen, a voice\ncommand could be used to send that message to an arbitrary recipient. \nThis issue is addressed by disabling forwarding of active messages\nfrom the lock screen. \nCVE-ID\nCVE-2012-0645\n\nVPN\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: A maliciously crafted system configuration file may lead to\narbitrary code execution with system privileges\nDescription: A format string vulnerability existed in the handling\nof racoon configuration files. \nCVE-ID\nCVE-2012-0646 : pod2g\n\nWebKit\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: Visiting a maliciously crafted website may lead to the\ndisclosure of cookies\nDescription: A cross-origin issue existed in WebKit, which may allow\ncookies to be disclosed across origins. \nCVE-ID\nCVE-2011-3887 : Sergey Glazunov\n\nWebKit\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: Visiting a maliciously crafted website and dragging content\nwith the mouse may lead to a cross-site scripting attack\nDescription: A cross-origin issue existed in WebKit, which may allow\ncontent to be dragged and dropped across origins. \nCVE-ID\nCVE-2012-0590 : Adam Barth of Google Chrome Security Team\n\nWebKit\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription: Multiple cross-origin issues existed in WebKit. \nCVE-ID\nCVE-2011-3881 : Sergey Glazunov\nCVE-2012-0586 : Sergey Glazunov\nCVE-2012-0587 : Sergey Glazunov\nCVE-2012-0588 : Jochen Eisinger of Google Chrome Team\nCVE-2012-0589 : Alan Austin of polyvore.com\n\nWebKit\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: Visiting a maliciously crafted website may lead to an\nunexpected application termination or arbitrary code execution\nDescription: Multiple memory corruption issues existed in WebKit. \nCVE-ID\nCVE-2011-2825 : wushi of team509 working with TippingPoint\u0027s Zero Day\nInitiative\nCVE-2011-2833 : Apple\nCVE-2011-2846 : Arthur Gerkis, miaubiz\nCVE-2011-2847 : miaubiz, Abhishek Arya (Inferno) of Google Chrome\nSecurity Team using AddressSanitizer\nCVE-2011-2854 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2011-2855 : Arthur Gerkis, wushi of team509 working with iDefense\nVCP\nCVE-2011-2857 : miaubiz\nCVE-2011-2860 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2011-2867 : Dirk Schulze\nCVE-2011-2868 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2011-2869 : Cris Neckar of Google Chrome Security Team using\nAddressSanitizer\nCVE-2011-2870 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2011-2871 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2011-2872 : Abhishek Arya (Inferno) and Cris Neckar of Google\nChrome Security Team using AddressSanitizer\nCVE-2011-2873 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2011-2877 : miaubiz\nCVE-2011-3885 : miaubiz\nCVE-2011-3888 : miaubiz\nCVE-2011-3897 : pa_kt working with TippingPoint\u0027s Zero Day Initiative\nCVE-2011-3908 : Aki Helin of OUSPG\nCVE-2011-3909 : Google Chrome Security Team (scarybeasts) and Chu\nCVE-2011-3928 : wushi of team509 working with TippingPoint\u0027s Zero Day\nInitiative\nCVE-2012-0591 : miaubiz, and Martin Barbella\nCVE-2012-0592 : Alexander Gavrun working with TippingPoint\u0027s Zero Day\nInitiative\nCVE-2012-0593 : Lei Zhang of the Chromium development community\nCVE-2012-0594 : Adam Klein of the Chromium development community\nCVE-2012-0595 : Apple\nCVE-2012-0596 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2012-0597 : miaubiz\nCVE-2012-0598 : Sergey Glazunov\nCVE-2012-0599 : Dmytro Gorbunov of SaveSources.com\nCVE-2012-0600 : Marshall Greenblatt, Dharani Govindan of Google\nChrome, miaubiz, Aki Helin of OUSPG, Apple\nCVE-2012-0601 : Apple\nCVE-2012-0602 : Apple\nCVE-2012-0603 : Apple\nCVE-2012-0604 : Apple\nCVE-2012-0605 : Apple\nCVE-2012-0606 : Apple\nCVE-2012-0607 : Apple\nCVE-2012-0608 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2012-0609 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2012-0610 : miaubiz, Martin Barbella using AddressSanitizer\nCVE-2012-0611 : Martin Barbella using AddressSanitizer\nCVE-2012-0612 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2012-0613 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2012-0614 : miaubiz, Martin Barbella using AddressSanitizer\nCVE-2012-0615 : Martin Barbella using AddressSanitizer\nCVE-2012-0616 : miaubiz\nCVE-2012-0617 : Martin Barbella using AddressSanitizer\nCVE-2012-0618 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2012-0619 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2012-0620 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2012-0621 : Martin Barbella using AddressSanitizer\nCVE-2012-0622 : Dave Levin and Abhishek Arya of the Google Chrome\nSecurity Team\nCVE-2012-0623 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2012-0624 : Martin Barbella using AddressSanitizer\nCVE-2012-0625 : Martin Barbella\nCVE-2012-0626 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2012-0627 : Apple\nCVE-2012-0628 : Slawomir Blazek, miaubiz, Abhishek Arya (Inferno) of\nGoogle Chrome Security Team using AddressSanitizer\nCVE-2012-0629 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2012-0630 : Sergio Villar Senin of Igalia\nCVE-2012-0631 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2012-0632 : Cris Neckar of the Google Chrome Security Team using\nAddressSanitizer\nCVE-2012-0633 : Apple\nCVE-2012-0635 : Julien Chaffraix of the Chromium development\ncommunity, Martin Barbella using AddressSanitizer\n\n\nInstallation note:\n\nThis update is only available through iTunes, and will not appear\nin your computer\u0027s Software Update application, or in the Apple\nDownloads site. Make sure you have an Internet connection and have\ninstalled the latest version of iTunes from www.apple.com/itunes/\n\niTunes will automatically check Apple\u0027s update server on its weekly\nschedule. When an update is detected, it will download it. When\nthe iPhone, iPod touch or iPad is docked, iTunes will present the\nuser with the option to install the update. We recommend applying\nthe update immediately if possible. Selecting Don\u0027t Install will\npresent the option the next time you connect your iPhone, iPod touch,\nor iPad. \n\nThe automatic update process may take up to a week depending on the\nday that iTunes checks for updates. You may manually obtain the\nupdate via the Check for Updates button within iTunes. After doing\nthis, the update can be applied when your iPhone, iPod touch, or iPad\nis docked to your computer. \n\nTo check that the iPhone, iPod touch, or iPad has been updated:\n\n* Navigate to Settings\n* Select General\n* Select About. The version after applying this update will be \"5.1\". \n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.16 (Darwin)\n\niQEcBAEBAgAGBQJPV6M3AAoJEGnF2JsdZQeef/cIAKBSn0czLzJO9fu6ZyjLRvxq\n4pIZgfyEVGBzpn+9IeiGFTkkVf+bOsA+Q3RlcsG5g0RlbyFgnuWu59HHsnkrElbM\nbCfnnTF5eYZX/3fnLzxpX7BUsEona3nf1gHfR24OeEn36C8rZ6rZJfMLqCJNNZGY\nRDSga1oeMN/AbgZuR9sYKudkE0GOmkLZfR2G4WXmrU+JncR6XoROUwoJBPhg8z90\nHAxgDEbduuLLOSe7CHLS3apbh0L2tmxPCWpiBmEMg6PTlFF0HhJQJ0wusrUc8nX6\n7TDsAho73wCOpChzBGQeemc6+UEN2uDmUgwVkN6n4D/qN1u6E+d3coUXOlb8hIY=\n=qPeE\n-----END PGP SIGNATURE-----\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201111-01\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Chromium, V8: Multiple vulnerabilities\n Date: November 01, 2011\n Bugs: #351525, #353626, #354121, #356933, #357963, #358581,\n #360399, #363629, #365125, #366335, #367013, #368649,\n #370481, #373451, #373469, #377475, #377629, #380311,\n #380897, #381713, #383251, #385649, #388461\n ID: 201111-01\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been reported in Chromium and V8, some of\nwhich may allow execution of arbitrary code and local root privilege\nescalation. \n\nBackground\n==========\n\nChromium is an open-source web browser project. V8 is Google\u0027s open\nsource JavaScript engine. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 www-client/chromium \u003c 15.0.874.102 \u003e= 15.0.874.102 \n 2 dev-lang/v8 \u003c 3.5.10.22 \u003e= 3.5.10.22 \n -------------------------------------------------------------------\n 2 affected packages\n -------------------------------------------------------------------\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Chromium and V8. \nPlease review the CVE identifiers and release notes referenced below\nfor details. \n\nImpact\n======\n\nA local attacker could gain root privileges (CVE-2011-1444, fixed in\nchromium-11.0.696.57). \n\nA context-dependent attacker could entice a user to open a specially\ncrafted web site or JavaScript program using Chromium or V8, possibly\nresulting in the execution of arbitrary code with the privileges of the\nprocess, or a Denial of Service condition. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Chromium users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-client/chromium-15.0.874.102\"\n\nAll V8 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-lang/v8-3.5.10.22\"\n\nReferences\n==========\n\n[ 1 ] CVE-2011-2345\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2345\n[ 2 ] CVE-2011-2346\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2346\n[ 3 ] CVE-2011-2347\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2347\n[ 4 ] CVE-2011-2348\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2348\n[ 5 ] CVE-2011-2349\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2349\n[ 6 ] CVE-2011-2350\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2350\n[ 7 ] CVE-2011-2351\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2351\n[ 8 ] CVE-2011-2834\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2834\n[ 9 ] CVE-2011-2835\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2835\n[ 10 ] CVE-2011-2837\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2837\n[ 11 ] CVE-2011-2838\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2838\n[ 12 ] CVE-2011-2839\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2839\n[ 13 ] CVE-2011-2840\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2840\n[ 14 ] CVE-2011-2841\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2841\n[ 15 ] CVE-2011-2843\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2843\n[ 16 ] CVE-2011-2844\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2844\n[ 17 ] CVE-2011-2845\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2845\n[ 18 ] CVE-2011-2846\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2846\n[ 19 ] CVE-2011-2847\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2847\n[ 20 ] CVE-2011-2848\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2848\n[ 21 ] CVE-2011-2849\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2849\n[ 22 ] CVE-2011-2850\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2850\n[ 23 ] CVE-2011-2851\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2851\n[ 24 ] CVE-2011-2852\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2852\n[ 25 ] CVE-2011-2853\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2853\n[ 26 ] CVE-2011-2854\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2854\n[ 27 ] CVE-2011-2855\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2855\n[ 28 ] CVE-2011-2856\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2856\n[ 29 ] CVE-2011-2857\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2857\n[ 30 ] CVE-2011-2858\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2858\n[ 31 ] CVE-2011-2859\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2859\n[ 32 ] CVE-2011-2860\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2860\n[ 33 ] CVE-2011-2861\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2861\n[ 34 ] CVE-2011-2862\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2862\n[ 35 ] CVE-2011-2864\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2864\n[ 36 ] CVE-2011-2874\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2874\n[ 37 ] CVE-2011-3234\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3234\n[ 38 ] CVE-2011-3873\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3873\n[ 39 ] CVE-2011-3875\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3875\n[ 40 ] CVE-2011-3876\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3876\n[ 41 ] CVE-2011-3877\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3877\n[ 42 ] CVE-2011-3878\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3878\n[ 43 ] CVE-2011-3879\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3879\n[ 44 ] CVE-2011-3880\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3880\n[ 45 ] CVE-2011-3881\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3881\n[ 46 ] CVE-2011-3882\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3882\n[ 47 ] CVE-2011-3883\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3883\n[ 48 ] CVE-2011-3884\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3884\n[ 49 ] CVE-2011-3885\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3885\n[ 50 ] CVE-2011-3886\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3886\n[ 51 ] CVE-2011-3887\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3887\n[ 52 ] CVE-2011-3888\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3888\n[ 53 ] CVE-2011-3889\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3889\n[ 54 ] CVE-2011-3890\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3890\n[ 55 ] CVE-2011-3891\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3891\n[ 56 ] Release Notes 10.0.648.127\n http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html\n[ 57 ] Release Notes 10.0.648.133\n http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html\n[ 58 ] Release Notes 10.0.648.205\n http://googlechromereleases.blogspot.com/2011/04/stable-channel-update.html\n[ 59 ] Release Notes 11.0.696.57\n http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html\n[ 60 ] Release Notes 11.0.696.65\n http://googlechromereleases.blogspot.com/2011/05/beta-and-stable-channel-update.html\n[ 61 ] Release Notes 11.0.696.68\n http://googlechromereleases.blogspot.com/2011/05/stable-channel-update.html\n[ 62 ] Release Notes 11.0.696.71\n http://googlechromereleases.blogspot.com/2011/05/stable-channel-update_24.html\n[ 63 ] Release Notes 12.0.742.112\n http://googlechromereleases.blogspot.com/2011/06/stable-channel-update_28.html\n[ 64 ] Release Notes 12.0.742.91\n http://googlechromereleases.blogspot.com/2011/06/chrome-stable-release.html\n[ 65 ] Release Notes 13.0.782.107\n http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html\n[ 66 ] Release Notes 13.0.782.215\n http://googlechromereleases.blogspot.com/2011/08/stable-channel-update_22.html\n[ 67 ] Release Notes 13.0.782.220\n http://googlechromereleases.blogspot.com/2011/09/stable-channel-update.html\n[ 68 ] Release Notes 14.0.835.163\n http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html\n[ 69 ] Release Notes 14.0.835.202\n http://googlechromereleases.blogspot.com/2011/10/stable-channel-update.html\n[ 70 ] Release Notes 15.0.874.102\n http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html\n[ 71 ] Release Notes 8.0.552.237\n http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html\n[ 72 ] Release Notes 9.0.597.107\n http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_28.html\n[ 73 ] Release Notes 9.0.597.84\n http://googlechromereleases.blogspot.com/2011/02/stable-channel-update.html\n[ 74 ] Release Notes 9.0.597.94\n http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_08.html\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201111-01.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2011 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-2857"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002658"
},
{
"db": "BID",
"id": "49658"
},
{
"db": "VULHUB",
"id": "VHN-50802"
},
{
"db": "PACKETSTORM",
"id": "110716"
},
{
"db": "PACKETSTORM",
"id": "110590"
},
{
"db": "PACKETSTORM",
"id": "110591"
},
{
"db": "PACKETSTORM",
"id": "106471"
}
],
"trust": 2.34
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2011-2857",
"trust": 3.2
},
{
"db": "OSVDB",
"id": "75559",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "48377",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "48274",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "48288",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1026774",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002658",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201109-303",
"trust": 0.7
},
{
"db": "JUNIPER",
"id": "JSA10658",
"trust": 0.3
},
{
"db": "BID",
"id": "49658",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-50802",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "110716",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "110590",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "110591",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "106471",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50802"
},
{
"db": "BID",
"id": "49658"
},
{
"db": "PACKETSTORM",
"id": "110716"
},
{
"db": "PACKETSTORM",
"id": "110590"
},
{
"db": "PACKETSTORM",
"id": "110591"
},
{
"db": "PACKETSTORM",
"id": "106471"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-303"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002658"
},
{
"db": "NVD",
"id": "CVE-2011-2857"
}
]
},
"id": "VAR-201109-0211",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-50802"
}
],
"trust": 0.01
},
"last_update_date": "2026-04-10T22:32:34.973000Z",
"patch": {
"_id": null,
"data": [
{
"title": "HT5190",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5190"
},
{
"title": "HT5191",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5191"
},
{
"title": "HT5192",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5192"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja\u0026hl=ja"
},
{
"title": "stable-channel-update_16",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html"
},
{
"title": "nacl",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=41604"
},
{
"title": "IronPortable",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=41603"
},
{
"title": "srware_iron",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=41605"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201109-303"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002658"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-416",
"trust": 1.1
},
{
"problemtype": "CWE-399",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50802"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002658"
},
{
"db": "NVD",
"id": "CVE-2011-2857"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.1,
"url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2012/mar/msg00000.html"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2012/mar/msg00001.html"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2012/mar/msg00003.html"
},
{
"trust": 1.7,
"url": "http://code.google.com/p/chromium/issues/detail?id=93420"
},
{
"trust": 1.7,
"url": "http://osvdb.org/75559"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a14593"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1026774"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/48274"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/48288"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/48377"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69884"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2857"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu428075/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu341747/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu479643/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-2857"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2847"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2855"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2854"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2846"
},
{
"trust": 0.3,
"url": "http://support.apple.com/kb/ht5504"
},
{
"trust": 0.3,
"url": "http://www.google.com/chrome"
},
{
"trust": 0.3,
"url": "https://blogs.oracle.com/sunsecurity/entry/multiple_denial_of_service_dos2"
},
{
"trust": 0.3,
"url": "/archive/1/520068"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10658\u0026cat=sirt_1\u0026actp=list"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100153798"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100156064"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100158911"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c03360041"
},
{
"trust": 0.3,
"url": "http://www.xerox.com/download/security/security-bulletin/16aeb-4cd3628b94080/cert_xrx12-009_v1.1.pdf"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2867"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3888"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2872"
},
{
"trust": 0.3,
"url": "http://support.apple.com/kb/ht1222"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2877"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2871"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2869"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2860"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3885"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2873"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2870"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2868"
},
{
"trust": 0.3,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2857"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3897"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2825"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3908"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3909"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2833"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3887"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0585"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3928"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0586"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3881"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2866"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0584"
},
{
"trust": 0.1,
"url": "http://www.apple.com/safari/download/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0592"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0595"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0596"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0594"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0591"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0593"
},
{
"trust": 0.1,
"url": "http://www.apple.com/itunes/download/"
},
{
"trust": 0.1,
"url": "https://www.apple.com/itunes/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3453"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2849"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2841"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/02/stable-channel-update.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2351"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2847"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3875"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3890"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2350"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3884"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2848"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2853"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2835"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2837"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3879"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3888"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2859"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3881"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3889"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2351"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2844"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2843"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3876"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/04/stable-channel-update.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2844"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2345"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2837"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2853"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2834"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2845"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/05/stable-channel-update.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3877"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2349"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3880"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201111-01.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2347"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2841"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2835"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2349"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2861"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2862"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2852"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2838"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/08/stable-channel-update_22.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2839"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2849"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2346"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update.html"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/05/stable-channel-update_24.html"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_28.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2858"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3891"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2855"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3887"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/06/stable-channel-update_28.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3878"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3873"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2840"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2854"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/10/stable-channel-update.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2850"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/05/beta-and-stable-channel-update.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2838"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2834"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/06/chrome-stable-release.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3883"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2851"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2840"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2857"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2851"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2856"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2346"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2347"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2846"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2348"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2850"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2852"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2856"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2874"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2348"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2864"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2350"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2345"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2860"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3234"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2845"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2848"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3886"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2839"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3882"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3885"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_08.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2843"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50802"
},
{
"db": "BID",
"id": "49658"
},
{
"db": "PACKETSTORM",
"id": "110716"
},
{
"db": "PACKETSTORM",
"id": "110590"
},
{
"db": "PACKETSTORM",
"id": "110591"
},
{
"db": "PACKETSTORM",
"id": "106471"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-303"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002658"
},
{
"db": "NVD",
"id": "CVE-2011-2857"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULHUB",
"id": "VHN-50802",
"ident": null
},
{
"db": "BID",
"id": "49658",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "110716",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "110590",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "110591",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "106471",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201109-303",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002658",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2011-2857",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2011-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-50802",
"ident": null
},
{
"date": "2011-09-16T00:00:00",
"db": "BID",
"id": "49658",
"ident": null
},
{
"date": "2012-03-13T00:58:40",
"db": "PACKETSTORM",
"id": "110716",
"ident": null
},
{
"date": "2012-03-08T22:22:22",
"db": "PACKETSTORM",
"id": "110590",
"ident": null
},
{
"date": "2012-03-08T22:23:23",
"db": "PACKETSTORM",
"id": "110591",
"ident": null
},
{
"date": "2011-11-01T15:58:39",
"db": "PACKETSTORM",
"id": "106471",
"ident": null
},
{
"date": "2011-09-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201109-303",
"ident": null
},
{
"date": "2011-11-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-002658",
"ident": null
},
{
"date": "2011-09-19T12:02:56.277000",
"db": "NVD",
"id": "CVE-2011-2857",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2020-05-08T00:00:00",
"db": "VULHUB",
"id": "VHN-50802",
"ident": null
},
{
"date": "2015-04-13T21:27:00",
"db": "BID",
"id": "49658",
"ident": null
},
{
"date": "2020-05-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201109-303",
"ident": null
},
{
"date": "2012-03-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-002658",
"ident": null
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2011-2857",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201109-303"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Used in multiple products Webkit Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-002658"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201109-303"
}
],
"trust": 0.6
}
}
VAR-201210-0132
Vulnerability from variot - Updated: 2026-04-10 22:30Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote authenticated users to have an unspecified impact via unknown vectors related to Networking. NOTE: the Oracle CPU states that this issue has a 0.0 CVSS score. If so, then this is not a vulnerability and this issue should not be included in CVE. The vulnerability can be exploited over the 'Gopher' protocol. This issue affects the 'Networking' sub-component. This vulnerability affects the following supported versions: 7 Update 7, 6 Update 35, 5.0 Update 36, 1.4.2_38. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201406-32
http://security.gentoo.org/
Severity: High Title: IcedTea JDK: Multiple vulnerabilities Date: June 29, 2014 Bugs: #312297, #330205, #340819, #346799, #352035, #353418, #354231, #355127, #370787, #387637, #404095, #421031, #429522, #433389, #438750, #442478, #457206, #458410, #461714, #466822, #477210, #489570, #508270 ID: 201406-32
Synopsis
Multiple vulnerabilities have been found in the IcedTea JDK, the worst of which could lead to arbitrary code execution.
Background
IcedTea is a distribution of the Java OpenJDK source code built with free build tools.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-java/icedtea-bin < 6.1.13.3 >= 6.1.13.3
Description
Multiple vulnerabilities have been discovered in the IcedTea JDK. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, obtain sensitive information, bypass intended security policies, or have other unspecified impact.
Workaround
There is no known workaround at this time.
Resolution
All IcedTea JDK users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-java/icedtea-bin-6.1.13.3"
References
[ 1 ] CVE-2009-3555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3555 [ 2 ] CVE-2010-2548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2548 [ 3 ] CVE-2010-2783 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2783 [ 4 ] CVE-2010-3541 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3541 [ 5 ] CVE-2010-3548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3548 [ 6 ] CVE-2010-3549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3549 [ 7 ] CVE-2010-3551 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3551 [ 8 ] CVE-2010-3553 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3553 [ 9 ] CVE-2010-3554 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3554 [ 10 ] CVE-2010-3557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3557 [ 11 ] CVE-2010-3561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3561 [ 12 ] CVE-2010-3562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3562 [ 13 ] CVE-2010-3564 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3564 [ 14 ] CVE-2010-3565 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3565 [ 15 ] CVE-2010-3566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3566 [ 16 ] CVE-2010-3567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3567 [ 17 ] CVE-2010-3568 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3568 [ 18 ] CVE-2010-3569 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3569 [ 19 ] CVE-2010-3573 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3573 [ 20 ] CVE-2010-3574 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3574 [ 21 ] CVE-2010-3860 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3860 [ 22 ] CVE-2010-4351 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4351 [ 23 ] CVE-2010-4448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4448 [ 24 ] CVE-2010-4450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4450 [ 25 ] CVE-2010-4465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4465 [ 26 ] CVE-2010-4467 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4467 [ 27 ] CVE-2010-4469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4469 [ 28 ] CVE-2010-4470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4470 [ 29 ] CVE-2010-4471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4471 [ 30 ] CVE-2010-4472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4472 [ 31 ] CVE-2010-4476 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4476 [ 32 ] CVE-2011-0025 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0025 [ 33 ] CVE-2011-0706 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0706 [ 34 ] CVE-2011-0815 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0815 [ 35 ] CVE-2011-0822 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0822 [ 36 ] CVE-2011-0862 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0862 [ 37 ] CVE-2011-0864 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0864 [ 38 ] CVE-2011-0865 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0865 [ 39 ] CVE-2011-0868 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0868 [ 40 ] CVE-2011-0869 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0869 [ 41 ] CVE-2011-0870 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0870 [ 42 ] CVE-2011-0871 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0871 [ 43 ] CVE-2011-0872 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0872 [ 44 ] CVE-2011-3389 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3389 [ 45 ] CVE-2011-3521 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3521 [ 46 ] CVE-2011-3544 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3544 [ 47 ] CVE-2011-3547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3547 [ 48 ] CVE-2011-3548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3548 [ 49 ] CVE-2011-3551 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3551 [ 50 ] CVE-2011-3552 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3552 [ 51 ] CVE-2011-3553 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3553 [ 52 ] CVE-2011-3554 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3554 [ 53 ] CVE-2011-3556 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3556 [ 54 ] CVE-2011-3557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3557 [ 55 ] CVE-2011-3558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3558 [ 56 ] CVE-2011-3560 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3560 [ 57 ] CVE-2011-3563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563 [ 58 ] CVE-2011-3571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3571 [ 59 ] CVE-2011-5035 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035 [ 60 ] CVE-2012-0497 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497 [ 61 ] CVE-2012-0501 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501 [ 62 ] CVE-2012-0502 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502 [ 63 ] CVE-2012-0503 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503 [ 64 ] CVE-2012-0505 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505 [ 65 ] CVE-2012-0506 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506 [ 66 ] CVE-2012-0547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547 [ 67 ] CVE-2012-1711 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711 [ 68 ] CVE-2012-1713 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713 [ 69 ] CVE-2012-1716 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716 [ 70 ] CVE-2012-1717 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717 [ 71 ] CVE-2012-1718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718 [ 72 ] CVE-2012-1719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719 [ 73 ] CVE-2012-1723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723 [ 74 ] CVE-2012-1724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724 [ 75 ] CVE-2012-1725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725 [ 76 ] CVE-2012-1726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726 [ 77 ] CVE-2012-3216 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216 [ 78 ] CVE-2012-3422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3422 [ 79 ] CVE-2012-3423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3423 [ 80 ] CVE-2012-4416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416 [ 81 ] CVE-2012-4540 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4540 [ 82 ] CVE-2012-5068 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068 [ 83 ] CVE-2012-5069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069 [ 84 ] CVE-2012-5070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070 [ 85 ] CVE-2012-5071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071 [ 86 ] CVE-2012-5072 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072 [ 87 ] CVE-2012-5073 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073 [ 88 ] CVE-2012-5074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074 [ 89 ] CVE-2012-5075 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075 [ 90 ] CVE-2012-5076 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076 [ 91 ] CVE-2012-5077 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077 [ 92 ] CVE-2012-5081 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081 [ 93 ] CVE-2012-5084 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084 [ 94 ] CVE-2012-5085 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085 [ 95 ] CVE-2012-5086 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086 [ 96 ] CVE-2012-5087 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087 [ 97 ] CVE-2012-5089 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089 [ 98 ] CVE-2012-5979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5979 [ 99 ] CVE-2013-0169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169 [ 100 ] CVE-2013-0401 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401 [ 101 ] CVE-2013-0424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0424 [ 102 ] CVE-2013-0425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0425 [ 103 ] CVE-2013-0426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0426 [ 104 ] CVE-2013-0427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0427 [ 105 ] CVE-2013-0428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0428 [ 106 ] CVE-2013-0429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0429 [ 107 ] CVE-2013-0431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0431 [ 108 ] CVE-2013-0432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0432 [ 109 ] CVE-2013-0433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0433 [ 110 ] CVE-2013-0434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0434 [ 111 ] CVE-2013-0435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0435 [ 112 ] CVE-2013-0440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0440 [ 113 ] CVE-2013-0441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0441 [ 114 ] CVE-2013-0442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0442 [ 115 ] CVE-2013-0443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0443 [ 116 ] CVE-2013-0444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0444 [ 117 ] CVE-2013-0450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0450 [ 118 ] CVE-2013-0809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809 [ 119 ] CVE-2013-1475 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1475 [ 120 ] CVE-2013-1476 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1476 [ 121 ] CVE-2013-1478 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1478 [ 122 ] CVE-2013-1480 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1480 [ 123 ] CVE-2013-1484 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484 [ 124 ] CVE-2013-1485 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485 [ 125 ] CVE-2013-1486 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486 [ 126 ] CVE-2013-1488 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488 [ 127 ] CVE-2013-1493 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493 [ 128 ] CVE-2013-1500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500 [ 129 ] CVE-2013-1518 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518 [ 130 ] CVE-2013-1537 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537 [ 131 ] CVE-2013-1557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557 [ 132 ] CVE-2013-1569 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569 [ 133 ] CVE-2013-1571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571 [ 134 ] CVE-2013-2383 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383 [ 135 ] CVE-2013-2384 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384 [ 136 ] CVE-2013-2407 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407 [ 137 ] CVE-2013-2412 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412 [ 138 ] CVE-2013-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415 [ 139 ] CVE-2013-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417 [ 140 ] CVE-2013-2419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419 [ 141 ] CVE-2013-2420 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420 [ 142 ] CVE-2013-2421 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421 [ 143 ] CVE-2013-2422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422 [ 144 ] CVE-2013-2423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423 [ 145 ] CVE-2013-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424 [ 146 ] CVE-2013-2426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426 [ 147 ] CVE-2013-2429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429 [ 148 ] CVE-2013-2430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430 [ 149 ] CVE-2013-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431 [ 150 ] CVE-2013-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436 [ 151 ] CVE-2013-2443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443 [ 152 ] CVE-2013-2444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444 [ 153 ] CVE-2013-2445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445 [ 154 ] CVE-2013-2446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446 [ 155 ] CVE-2013-2447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447 [ 156 ] CVE-2013-2448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448 [ 157 ] CVE-2013-2449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449 [ 158 ] CVE-2013-2450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450 [ 159 ] CVE-2013-2451 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451 [ 160 ] CVE-2013-2452 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452 [ 161 ] CVE-2013-2453 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453 [ 162 ] CVE-2013-2454 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454 [ 163 ] CVE-2013-2455 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455 [ 164 ] CVE-2013-2456 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456 [ 165 ] CVE-2013-2457 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457 [ 166 ] CVE-2013-2458 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458 [ 167 ] CVE-2013-2459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459 [ 168 ] CVE-2013-2460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460 [ 169 ] CVE-2013-2461 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461 [ 170 ] CVE-2013-2463 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463 [ 171 ] CVE-2013-2465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465 [ 172 ] CVE-2013-2469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469 [ 173 ] CVE-2013-2470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470 [ 174 ] CVE-2013-2471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471 [ 175 ] CVE-2013-2472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472 [ 176 ] CVE-2013-2473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473 [ 177 ] CVE-2013-3829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829 [ 178 ] CVE-2013-4002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4002 [ 179 ] CVE-2013-5772 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772 [ 180 ] CVE-2013-5774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774 [ 181 ] CVE-2013-5778 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778 [ 182 ] CVE-2013-5780 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780 [ 183 ] CVE-2013-5782 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782 [ 184 ] CVE-2013-5783 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783 [ 185 ] CVE-2013-5784 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784 [ 186 ] CVE-2013-5790 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790 [ 187 ] CVE-2013-5797 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797 [ 188 ] CVE-2013-5800 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800 [ 189 ] CVE-2013-5802 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802 [ 190 ] CVE-2013-5803 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803 [ 191 ] CVE-2013-5804 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804 [ 192 ] CVE-2013-5805 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805 [ 193 ] CVE-2013-5806 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806 [ 194 ] CVE-2013-5809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809 [ 195 ] CVE-2013-5814 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814 [ 196 ] CVE-2013-5817 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817 [ 197 ] CVE-2013-5820 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820 [ 198 ] CVE-2013-5823 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823 [ 199 ] CVE-2013-5825 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825 [ 200 ] CVE-2013-5829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829 [ 201 ] CVE-2013-5830 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830 [ 202 ] CVE-2013-5840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840 [ 203 ] CVE-2013-5842 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842 [ 204 ] CVE-2013-5849 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849 [ 205 ] CVE-2013-5850 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850 [ 206 ] CVE-2013-5851 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851 [ 207 ] CVE-2013-6629 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6629 [ 208 ] CVE-2013-6954 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6954 [ 209 ] CVE-2014-0429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0429 [ 210 ] CVE-2014-0446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0446 [ 211 ] CVE-2014-0451 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0451 [ 212 ] CVE-2014-0452 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0452 [ 213 ] CVE-2014-0453 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0453 [ 214 ] CVE-2014-0456 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0456 [ 215 ] CVE-2014-0457 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0457 [ 216 ] CVE-2014-0458 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0458 [ 217 ] CVE-2014-0459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0459 [ 218 ] CVE-2014-0460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0460 [ 219 ] CVE-2014-0461 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0461 [ 220 ] CVE-2014-1876 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1876 [ 221 ] CVE-2014-2397 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2397 [ 222 ] CVE-2014-2398 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2398 [ 223 ] CVE-2014-2403 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2403 [ 224 ] CVE-2014-2412 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2412 [ 225 ] CVE-2014-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2414 [ 226 ] CVE-2014-2421 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2421 [ 227 ] CVE-2014-2423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2423 [ 228 ] CVE-2014-2427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2427
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201406-32.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Mandriva Linux Security Advisory MDVSA-2012:169 http://www.mandriva.com/security/
Package : java-1.6.0-openjdk Date : November 1, 2012 Affected: 2011., Enterprise Server 5.0
Problem Description:
Multiple security issues were identified and fixed in OpenJDK (icedtea6):
- S6631398, CVE-2012-3216: FilePermission improved path checking
- S7093490: adjust package access in rmiregistry
- S7143535, CVE-2012-5068: ScriptEngine corrected permissions
- S7167656, CVE-2012-5077: Multiple Seeders are being created
- S7169884, CVE-2012-5073: LogManager checks do not work correctly for sub-types
- S7169888, CVE-2012-5075: Narrowing resource definitions in JMX RMI connector
- S7172522, CVE-2012-5072: Improve DomainCombiner checking
- S7186286, CVE-2012-5081: TLS implementation to better adhere to RFC
- S7189103, CVE-2012-5069: Executors needs to maintain state
- S7189490: More improvements to DomainCombiner checking
- S7189567, CVE-2012-5085: java net obselete protocol
- S7192975, CVE-2012-5071: Conditional usage check is wrong
- S7195194, CVE-2012-5084: Better data validation for Swing
- S7195917, CVE-2012-5086: XMLDecoder parsing at close-time should be improved
- S7195919, CVE-2012-5979: (sl) ServiceLoader can throw CCE without needing to create instance
- S7198296, CVE-2012-5089: Refactor classloader usage
- S7158800: Improve storage of symbol tables
- S7158801: Improve VM CompileOnly option
- S7158804: Improve config file parsing
- S7176337: Additional changes needed for 7158801 fix
- S7198606, CVE-2012-4416: Improve VM optimization
The updated packages provides icedtea6-1.11.5 which is not vulnerable to these issues. The verification of md5 checksums and GPG signatures is performed automatically for you. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)
iD8DBQFQklqImqjQ0CJFipgRAiNOAJ4qA9L2NTdql1htD7pQDNJrDlPnUgCguupW xu3AOptE+B1OsUdPAeTUH5o= =2CFK -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c03595351
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c03595351 Version: 1
HPSBUX02832 SSRT101042 rev.1 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2012-12-12 Last Updated: 2012-12-12
Potential Security Impact: Remote unauthorized access, disclosure of information, and other vulnerabilities
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other exploits. HP-UX B.11.11, B.11.23, and B.11.31 running HP JDK and JRE v7.0.03, v6.0.16 and v5.0.26 and earlier
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2012-1531 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-1532 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-1533 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-3143 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-3159 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2012-3216 (AV:N/AC:H/Au:N/C:P/I:N/A:N) 2.6 CVE-2012-4416 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2012-5068 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2012-5069 (AV:N/AC:M/Au:N/C:P/I:P/A:N) 5.8 CVE-2012-5071 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2012-5072 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2012-5073 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2012-5075 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2012-5077 (AV:N/AC:H/Au:N/C:P/I:N/A:N) 2.6 CVE-2012-5079 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2012-5081 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2012-5083 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-5084 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2012-5085 (AV:N/AC:M/Au:S/C:N/I:N/A:N) 0.0 CVE-2012-5086 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-5087 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-5089 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
NOTE: The following apply to both v7.0.03 and v6.0.16 and earlier: CVE-2012-1531, CVE-2012-1532, CVE-2012-1533, CVE-2012-3143, CVE-2012-3159, CVE-2012-3216, CVE-2012-4416, CVE-2012-5068, CVE-2012-5069, CVE-2012-5071, CVE-2012-5072, CVE-2012-5073, CVE-2012-5075, CVE-2012-5077, CVE-2012-5079, CVE-2012-5081, CVE-2012-5083, CVE-2012-5084, CVE-2012-5085, CVE-2012-5086, CVE-2012-5087, CVE-2012-5089
NOTE: The following apply to v5.0.26 and earlier: CVE-2012-1531, CVE-2012-3143, CVE-2012-3216, CVE-2012-5069, CVE-2012-5071, CVE-2012-5073, CVE-2012-5075, CVE-2012-5077, CVE-2012-5079, CVE-2012-5081, CVE-2012-5083, CVE-2012-5084, CVE-2012-5085, CVE-2012-5089
RESOLUTION
HP has provided the following Java version upgrade to resolve these vulnerabilities. The upgrade is available from the following location
http://www.hp.com/java
HP-UX B.11.23, B.11.31 JDK and JRE v7.0.04 or subsequent
HP-UX B.11.11, B.11.23, B.11.31 JDK and JRE v6.0.17 or subsequent
HP-UX B.11.11, B.11.23, B.11.31 JDK and JRE v5.0.27 or subsequent
MANUAL ACTIONS: Yes - Update For Java v7.0 update to Java v7.0.04 or subsequent For Java v6.0 update to Java v6.0.17 or subsequent For Java v5.0 update to Java v5.0.27 or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
HP-UX B.11.23 HP-UX B.11.31 =========== Jdk70.JDK70-COM Jdk70.JDK70-DEMO Jdk70.JDK70-IPF32 Jdk70.JDK70-IPF64 Jre70.JRE70-COM Jre70.JRE70-IPF32 Jre70.JRE70-IPF32-HS Jre70.JRE70-IPF64 Jre70.JRE70-IPF64-HS action: install revision 1.7.0.04.00 or subsequent
HP-UX B.11.23 HP-UX B.11.31 =========== Jdk60.JDK60-COM Jdk60.JDK60-DEMO Jdk60.JDK60-IPF32 Jdk60.JDK60-IPF64 Jre60.JRE60-COM Jre60.JRE60-IPF32 Jre60.JRE60-IPF32-HS Jre60.JRE60-IPF64 Jre60.JRE60-IPF64-HS action: install revision 1.6.0.17.00 or subsequent
HP-UX B.11.23 HP-UX B.11.31 =========== Jdk15.JDK15-COM Jdk15.JDK15-DEMO Jdk15.JDK15-IPF32 Jdk15.JDK15-IPF64 Jre15.JRE15-COM Jre15.JRE15-COM-DOC Jre15.JRE15-IPF32 Jre15.JRE15-IPF32-HS Jre15.JRE15-IPF64 Jre15.JRE15-IPF64-HS action: install revision 1.5.0.27.00 or subsequent
HP-UX B.11.11 HP-UX B.11.23 =========== Jdk60.JDK60-COM Jdk60.JDK60-DEMO Jdk60.JDK60-PA20 Jdk60.JDK60-PA20W Jre60.JRE60-COM Jre60.JRE60-COM-DOC Jre60.JRE60-PA20 Jre60.JRE60-PA20-HS Jre60.JRE60-PA20W Jre60.JRE60-PA20W-HS action: install revision 1.6.0.17.00 or subsequent
HP-UX B.11.11 HP-UX B.11.23 =========== Jdk15.JDK15-COM Jdk15.JDK15-DEMO Jdk15.JDK15-PA20 Jdk15.JDK15-PA20W Jre15.JRE15-COM Jre15.JRE15-COM-DOC Jre15.JRE15-PA20 Jre15.JRE15-PA20-HS Jre15.JRE15-PA20W Jre15.JRE15-PA20W-HS action: install revision 1.5.0.27.00 or subsequent
END AFFECTED VERSIONS
HISTORY Version:1 (rev.1) - 12 December 2012 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c02964430
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2012 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. ============================================================================ Ubuntu Security Notice USN-1619-1 October 26, 2012
openjdk-6, openjdk-7 vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.10
- Ubuntu 12.04 LTS
- Ubuntu 11.10
- Ubuntu 11.04
- Ubuntu 10.04 LTS
Summary:
Several security issues were fixed in OpenJDK. An attacker could exploit these to cause a denial of service. These issues only affected Ubuntu 12.10. (CVE-2012-5067, CVE-2012-5070)
Vulnerabilities were discovered in the OpenJDK JRE related to data integrity. (CVE-2012-5073, CVE-2012-5079)
A vulnerability was discovered in the OpenJDK JRE related to information disclosure and data integrity. This issue only affected Ubuntu 12.10. An attacker could exploit these to cause a denial of service. These issues only affected Ubuntu 12.10. (CVE-2012-5076, CVE-2012-5087, CVE-2012-5088)
A denial of service vulnerability was found in OpenJDK. (CVE-2012-5081)
Please see the following for more information: http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.10: icedtea-7-jre-cacao 7u9-2.3.3-0ubuntu1~12.10.1 icedtea-7-jre-jamvm 7u9-2.3.3-0ubuntu1~12.10.1 openjdk-7-jre 7u9-2.3.3-0ubuntu1~12.10.1 openjdk-7-jre-headless 7u9-2.3.3-0ubuntu1~12.10.1 openjdk-7-jre-lib 7u9-2.3.3-0ubuntu1~12.10.1 openjdk-7-jre-zero 7u9-2.3.3-0ubuntu1~12.10.1
Ubuntu 12.04 LTS: icedtea-6-jre-cacao 6b24-1.11.5-0ubuntu1~12.04.1 icedtea-6-jre-jamvm 6b24-1.11.5-0ubuntu1~12.04.1 openjdk-6-jre 6b24-1.11.5-0ubuntu1~12.04.1 openjdk-6-jre-headless 6b24-1.11.5-0ubuntu1~12.04.1 openjdk-6-jre-lib 6b24-1.11.5-0ubuntu1~12.04.1 openjdk-6-jre-zero 6b24-1.11.5-0ubuntu1~12.04.1
Ubuntu 11.10: icedtea-6-jre-cacao 6b24-1.11.5-0ubuntu1~11.10.1 icedtea-6-jre-jamvm 6b24-1.11.5-0ubuntu1~11.10.1 openjdk-6-jre 6b24-1.11.5-0ubuntu1~11.10.1 openjdk-6-jre-headless 6b24-1.11.5-0ubuntu1~11.10.1 openjdk-6-jre-lib 6b24-1.11.5-0ubuntu1~11.10.1 openjdk-6-jre-zero 6b24-1.11.5-0ubuntu1~11.10.1
Ubuntu 11.04: icedtea-6-jre-cacao 6b24-1.11.5-0ubuntu1~11.04.1 icedtea-6-jre-jamvm 6b24-1.11.5-0ubuntu1~11.04.1 openjdk-6-jre 6b24-1.11.5-0ubuntu1~11.04.1 openjdk-6-jre-headless 6b24-1.11.5-0ubuntu1~11.04.1 openjdk-6-jre-lib 6b24-1.11.5-0ubuntu1~11.04.1 openjdk-6-jre-zero 6b24-1.11.5-0ubuntu1~11.04.1
Ubuntu 10.04 LTS: icedtea-6-jre-cacao 6b24-1.11.5-0ubuntu1~10.04.2 openjdk-6-jre 6b24-1.11.5-0ubuntu1~10.04.2 openjdk-6-jre-headless 6b24-1.11.5-0ubuntu1~10.04.2 openjdk-6-jre-lib 6b24-1.11.5-0ubuntu1~10.04.2 openjdk-6-jre-zero 6b24-1.11.5-0ubuntu1~10.04.2
This update uses a new upstream release, which includes additional bug fixes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: java-1.7.0-openjdk security update Advisory ID: RHSA-2012:1386-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1386.html Issue date: 2012-10-17 CVE Names: CVE-2012-3216 CVE-2012-4416 CVE-2012-5068 CVE-2012-5069 CVE-2012-5070 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5074 CVE-2012-5075 CVE-2012-5076 CVE-2012-5077 CVE-2012-5079 CVE-2012-5081 CVE-2012-5084 CVE-2012-5085 CVE-2012-5086 CVE-2012-5087 CVE-2012-5088 CVE-2012-5089 =====================================================================
- Summary:
Updated java-1.7.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, noarch, x86_64
- Description:
These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit.
Multiple improper permission check issues were discovered in the Beans, Libraries, Swing, and JMX components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2012-5086, CVE-2012-5087, CVE-2012-5088, CVE-2012-5084, CVE-2012-5089)
The default Java security properties configuration did not restrict access to certain com.sun.org.glassfish packages. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. This update lists those packages as restricted. (CVE-2012-5076, CVE-2012-5074)
Multiple improper permission check issues were discovered in the Scripting, JMX, Concurrency, Libraries, and Security components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2012-5068, CVE-2012-5071, CVE-2012-5069, CVE-2012-5073, CVE-2012-5072)
It was discovered that java.util.ServiceLoader could create an instance of an incompatible class while performing provider lookup. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2012-5079)
It was discovered that the Java Secure Socket Extension (JSSE) SSL/TLS implementation did not properly handle handshake records containing an overly large data length value. An unauthenticated, remote attacker could possibly use this flaw to cause an SSL/TLS server to terminate with an exception. (CVE-2012-5081)
It was discovered that the JMX component in OpenJDK could perform certain actions in an insecure manner. An untrusted Java application or applet could possibly use these flaws to disclose sensitive information. (CVE-2012-5070, CVE-2012-5075)
A bug in the Java HotSpot Virtual Machine optimization code could cause it to not perform array initialization in certain cases. An untrusted Java application or applet could use this flaw to disclose portions of the virtual machine's memory. (CVE-2012-4416)
It was discovered that the SecureRandom class did not properly protect against the creation of multiple seeders. An untrusted Java application or applet could possibly use this flaw to disclose sensitive information. (CVE-2012-5077)
It was discovered that the java.io.FilePermission class exposed the hash code of the canonicalized path name. An untrusted Java application or applet could possibly use this flaw to determine certain system paths, such as the current working directory. (CVE-2012-3216)
This update disables Gopher protocol support in the java.net package by default. Gopher support can be enabled by setting the newly introduced property, "jdk.net.registerGopherProtocol", to true. (CVE-2012-5085)
This erratum also upgrades the OpenJDK package to IcedTea7 2.3.3. Refer to the NEWS file, linked to in the References, for further information.
All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258
- Bugs fixed (http://bugzilla.redhat.com/):
856124 - CVE-2012-4416 OpenJDK: uninitialized Array JVM memory disclosure (Hotspot, 7198606) 865346 - CVE-2012-3216 OpenJDK: java.io.FilePermission information leak (Libraries, 6631398) 865348 - CVE-2012-5068 OpenJDK: RhinoScriptEngine security bypass (Scripting, 7143535) 865350 - CVE-2012-5070 OpenJDK: EnvHelp information disclosure (JMX, 7158796) 865352 - CVE-2012-5076 OpenJDK: com.sun.org.glassfish. not restricted packages (JAX-WS, 7163198) 865354 - CVE-2012-5077 OpenJDK: SecureRandom mulitple seeders information disclosure (Security, 7167656) 865357 - CVE-2012-5073 OpenJDK: LogManager security bypass (Libraries, 7169884) 865359 - CVE-2012-5074 OpenJDK: com.sun.org.glassfish. not restricted packages (JAX-WS, 7169887) 865363 - CVE-2012-5075 OpenJDK: RMIConnectionImpl information disclosure (JMX, 7169888) 865365 - CVE-2012-5072 OpenJDK: AccessController.doPrivilegedWithCombiner() information disclosure (Security, 7172522) 865370 - CVE-2012-5081 OpenJDK: JSSE denial of service (JSSE, 7186286) 865428 - CVE-2012-5086 OpenJDK: XMLDecoder sandbox restriction bypass (Beans, 7195917) 865434 - CVE-2012-5087 OpenJDK: PropertyElementHandler insufficient access checks (Beans, 7195549) 865471 - CVE-2012-5088 OpenJDK: MethodHandle insufficient access control checks (Libraries, 7196190) 865511 - CVE-2012-5084 OpenJDK: DefaultFormatter insufficient data validation (Swing, 7195194) 865514 - CVE-2012-5089 OpenJDK: RMIConnectionImpl insufficient access control checks (JMX, 7198296) 865519 - CVE-2012-5071 OpenJDK: DescriptorSupport insufficient package access checks (JMX, 7192975) 865531 - CVE-2012-5069 OpenJDK: Executors state handling issues (Concurrency, 7189103) 865541 - CVE-2012-5085 OpenJDK: disable Gopher support by default (Gopher, 7189567) 865568 - CVE-2012-5079 OpenJDK: ServiceLoader reject not subtype classes without instantiating (Libraries, 7195919)
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm
i386: java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm
x86_64: java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm
i386: java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.i686.rpm
noarch: java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.3.el6_3.1.noarch.rpm
x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm
noarch: java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.3.el6_3.1.noarch.rpm
x86_64: java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm
i386: java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm
x86_64: java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm
i386: java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.i686.rpm
noarch: java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.3.el6_3.1.noarch.rpm
x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm
i386: java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm
x86_64: java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm
i386: java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.i686.rpm
noarch: java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.3.el6_3.1.noarch.rpm
x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2012-3216.html https://www.redhat.com/security/data/cve/CVE-2012-4416.html https://www.redhat.com/security/data/cve/CVE-2012-5068.html https://www.redhat.com/security/data/cve/CVE-2012-5069.html https://www.redhat.com/security/data/cve/CVE-2012-5070.html https://www.redhat.com/security/data/cve/CVE-2012-5071.html https://www.redhat.com/security/data/cve/CVE-2012-5072.html https://www.redhat.com/security/data/cve/CVE-2012-5073.html https://www.redhat.com/security/data/cve/CVE-2012-5074.html https://www.redhat.com/security/data/cve/CVE-2012-5075.html https://www.redhat.com/security/data/cve/CVE-2012-5076.html https://www.redhat.com/security/data/cve/CVE-2012-5077.html https://www.redhat.com/security/data/cve/CVE-2012-5079.html https://www.redhat.com/security/data/cve/CVE-2012-5081.html https://www.redhat.com/security/data/cve/CVE-2012-5084.html https://www.redhat.com/security/data/cve/CVE-2012-5085.html https://www.redhat.com/security/data/cve/CVE-2012-5086.html https://www.redhat.com/security/data/cve/CVE-2012-5087.html https://www.redhat.com/security/data/cve/CVE-2012-5088.html https://www.redhat.com/security/data/cve/CVE-2012-5089.html https://access.redhat.com/security/updates/classification/#important http://icedtea.classpath.org/hg/release/icedtea7-2.3/file/icedtea-2.3.3/NEWS http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFQftouXlSAg2UNWIIRAu4QAJ9oluAxlU3ZC8CvezRk4Erm08HD+QCeNlqf GG07IH3dgJiG+gj47Cm1WNQ= =8X+P -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "1.4.2_36"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "1.4.2_35"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "1.4.2_30"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "1.4.2_29"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "1.4.2_33"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "1.4.2_32"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "1.4.2_37"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "1.4.2_31"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "1.4.2_34"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "1.4.2_28"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_25"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_3"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_22"
},
{
"_id": null,
"model": "jdk",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_13"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_7"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_12"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.6.0"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_25"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_3"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_19"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_22"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_26"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_30"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_15"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_27"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_26"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.6.0"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_14"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "jdk",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1.5.0"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_27"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_34"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.6.0"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.6.0"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_14"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_5"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_18"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_7"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_5"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_17"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1.5.0"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.6.0.200"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_2"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_18"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_1"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_16"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_4"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_23"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_17"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_15"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_2"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_11"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_10"
},
{
"_id": null,
"model": "jdk",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1.6.0"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_35"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_33"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_23"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_6"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_21"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_13"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_32"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_10"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.6.0.210"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_29"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_9"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_36"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_6"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_19"
},
{
"_id": null,
"model": "jdk",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1.4.2_38"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1.6.0"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_8"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_9"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_20"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_28"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_24"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_8"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_1"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_16"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "1.4.2_38"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_37"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_4"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_12"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_11"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_31"
},
{
"_id": null,
"model": "jre 1.6.0 03",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 17",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "sdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jre 1.6.0 30",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "sdk 1.4.2 30",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "sdk 1.4.2 31",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "sdk 1.4.2 25",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "sdk 24",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jdk 1.5.0 32",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jre 15",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 1.4.2 30",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 17",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 1.6.0 18",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "sdk 1.4.2 27",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 35",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 16",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 22",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "sdk 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jdk 1.6.0 28",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 1.6.0 21",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 20",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jre 1.6.0 32",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 25",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.4.2 25",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 1.6.0 35",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jre 1.5.0 31",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jdk 1.6.0 18",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 27",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 1.6.0 19",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 23",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "sdk 1.4.2 22",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 18",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 1.6.0 03",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 17",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "sdk 1.4.2 11",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "sdk 1.4.2 38",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 2",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 1.7.0 2",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.4.2 32",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 20",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "sdk 1.4.2 28",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 12",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 14",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "sdk 1.4.2 14",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 36",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "sdk 1.4.2 29",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.4.2 22",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 1.6.0 25",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 35",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 32",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 36",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 11",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 27",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.4.2 35",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "sdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jre 1.4.2 12",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 14",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 24",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jdk 1.6.0 15",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.4.2 14",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jdk 1.6.0 30",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 16",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 1.5.0 25",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "sdk 1.4.2 12",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jre 1.5.0 26",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 33",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 7",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.4.2 19",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.4.2 18",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.4.2 13",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.7"
},
{
"_id": null,
"model": "sdk 1.4.2 35",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 1.4.2 11",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 02",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 1.6.0 23",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jre 1.6.0 01",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "sdk 15",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jdk 1.7.0 4",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 28",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "sdk 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jre 1.4.2 31",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 1.6.0 19",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jre 1.4.2 38",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 15",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 22",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 1.4.2 15",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jdk 1.5.0 20",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "sdk 1.4.2 26",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.4.2 29",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 29",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jre 1.6.0 28",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 23",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 11",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "sdk 1.4.2 37",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 35",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 17",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "sdk 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jre 1.4.2 20",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 23",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 1.7.0 7",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.4.2 17",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 32",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 02",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 27",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 13",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 10",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 28",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 1.7.0 4",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "sdk 1.4.2 20",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 1.4.2 33",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 26",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 30",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 33",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 26",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 21",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 24",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 25",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "sdk 1.4.2 18",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 27",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 22",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 1.4.2 16",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "sdk 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "jdk 18",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 0.9,
"vendor": "oracle",
"version": "1.7"
},
{
"_id": null,
"model": "jre 1.4.2 37",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "sdk 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "sdk 1.4.2 16",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "sdk 1.4.2 17",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "sdk 1.4.2 19",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 26",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 22",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 24",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "sdk 1.4.2 13",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 29",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 31",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 30",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 15",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "sdk 1.4.2 33",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "sdk 1.4.2 32",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk .0 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 0 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 1.5.0 13",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 24",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "5.0 update 36"
},
{
"_id": null,
"model": "jdk",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "6 update 35"
},
{
"_id": null,
"model": "jdk",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7 update 7"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "1.4.2_38"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "5.0 update 36"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "6 update 35"
},
{
"_id": null,
"model": "jre",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7 update 7"
},
{
"_id": null,
"model": "sdk",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "1.4.2_38"
},
{
"_id": null,
"model": "cosminexus application server enterprise",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"_id": null,
"model": "cosminexus application server standard",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"_id": null,
"model": "cosminexus application server version 5",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus client",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"_id": null,
"model": "cosminexus developer light version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus developer professional version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus developer standard version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus developer version 5",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus developer\u0027s kit for java",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus primary server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "base"
},
{
"_id": null,
"model": "cosminexus server - standard edition version 4",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus server - web edition version 4",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "cosminexus studio",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- standard edition version 4"
},
{
"_id": null,
"model": "cosminexus studio",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- web edition version 4"
},
{
"_id": null,
"model": "cosminexus studio",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 5"
},
{
"_id": null,
"model": "hirdb for java /xml",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "developer\u0027s kit for java",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "processing kit for xml",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "-r"
},
{
"_id": null,
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "express"
},
{
"_id": null,
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "light"
},
{
"_id": null,
"model": "ucosminexus application server enterprise",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server smart edition",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"_id": null,
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "-r"
},
{
"_id": null,
"model": "ucosminexus client",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"_id": null,
"model": "ucosminexus client",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "for plug-in"
},
{
"_id": null,
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "01"
},
{
"_id": null,
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional"
},
{
"_id": null,
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional for plug-in"
},
{
"_id": null,
"model": "ucosminexus developer light",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus developer standard",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus operator",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus portal framework",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "entry set"
},
{
"_id": null,
"model": "ucosminexus primary server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "base"
},
{
"_id": null,
"model": "ucosminexus server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "standard-r"
},
{
"_id": null,
"model": "ucosminexus service architect",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"_id": null,
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- messaging"
},
{
"_id": null,
"model": "jdk 1.5.0.0 11",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0.0 09",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 11-b03",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 1.5.0 12",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.4.2 28",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk .0 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 01-b06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk .0 03",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 1.5.0.0 08",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0.0 09",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0.0 07",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 2",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 01",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.4.2 27",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 07-b03",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 1.5.0.0 08",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 20",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0.0 12",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "icedtea",
"scope": "ne",
"trust": 0.3,
"vendor": "icedtea",
"version": "1.10.10"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "icedtea",
"scope": "ne",
"trust": 0.3,
"vendor": "icedtea",
"version": "1.11.5"
},
{
"_id": null,
"model": "trio tview software",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "3.27.0"
},
{
"_id": null,
"model": "nonstop server h06.16.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.19.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.10"
},
{
"_id": null,
"model": "jdk 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "nonstop server j06.08.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.15.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "icedtea",
"scope": "ne",
"trust": 0.3,
"vendor": "icedtea",
"version": "2.3.3"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "trio tview software",
"scope": "ne",
"trust": 0.3,
"vendor": "schneider electric",
"version": "3.29.0"
},
{
"_id": null,
"model": "nonstop server j06.06.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.14",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "sdk 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "nonstop server j06.09.03",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.26",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "icedtea",
"scope": "eq",
"trust": 0.3,
"vendor": "icedtea",
"version": "2.3.2"
},
{
"_id": null,
"model": "nonstop server j06.04.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "aura system platform sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "nonstop server j06.13",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.10"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "nonstop server j06.09.04",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "ucosminexus operator",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.10"
},
{
"_id": null,
"model": "jre 27",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "rational host on-demand",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0.6.1"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.0.3"
},
{
"_id": null,
"model": "nonstop server h06.18.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.15.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.22.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "openjdk",
"scope": "eq",
"trust": 0.3,
"vendor": "openjdk",
"version": "7"
},
{
"_id": null,
"model": "nonstop server j06.12.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "esx",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.5"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1"
},
{
"_id": null,
"model": "nonstop server j06.05.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.08.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.09.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "cosminexus studio",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "4.0"
},
{
"_id": null,
"model": "cosminexus",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "8.0"
},
{
"_id": null,
"model": "nonstop server j06.16",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"_id": null,
"model": "nonstop server j6.0.14.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "vcenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "freeflow print server 73.c0.41",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"_id": null,
"model": "ucosminexus client",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"_id": null,
"model": "enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "ucosminexus service architect",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"_id": null,
"model": "icedtea",
"scope": "eq",
"trust": 0.3,
"vendor": "icedtea",
"version": "1.11.4"
},
{
"_id": null,
"model": "icedtea",
"scope": "ne",
"trust": 0.3,
"vendor": "icedtea",
"version": "2.1.3"
},
{
"_id": null,
"model": "jdk 1.5.0 11",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk and jre for openvms integrity servers 6.0-3.p1",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "vcenter server update",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.11"
},
{
"_id": null,
"model": "ucosminexus service platform messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-0"
},
{
"_id": null,
"model": "nonstop server j06.07.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2011"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "nonstop server j06.09.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0.0 04",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk and jre for openvms integrity servers",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6.0-4"
},
{
"_id": null,
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "nonstop server j06.10.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.06.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.24.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.4"
},
{
"_id": null,
"model": "jdk 1.5.0.0 06",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.25",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "icedtea",
"scope": "eq",
"trust": 0.3,
"vendor": "icedtea",
"version": "2.2.2"
},
{
"_id": null,
"model": "nonstop server h06.15.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "freeflow print server 73.b3.61",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"_id": null,
"model": "cosminexus",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7"
},
{
"_id": null,
"model": "openjdk",
"scope": "eq",
"trust": 0.3,
"vendor": "openjdk",
"version": "6"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "12.2"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"_id": null,
"model": "jre 1.5.0 09",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11"
},
{
"_id": null,
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "jre beta",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "nonstop server j06.07.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "nonstop server j06.08.04",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.08.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "esx",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.0"
},
{
"_id": null,
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"_id": null,
"model": "jdk 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "nonstop server h06.15.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.24",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "12.1"
},
{
"_id": null,
"model": "nonstop server h06.16.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.18.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.20.03",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "icedtea",
"scope": "eq",
"trust": 0.3,
"vendor": "icedtea",
"version": "1.10.9"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"_id": null,
"model": "enterprise linux hpc node optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.8.3"
},
{
"_id": null,
"model": "cosminexus",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.0"
},
{
"_id": null,
"model": "nonstop server j06.13.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.9.3"
},
{
"_id": null,
"model": "jdk 1.5.0 11-b03",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.19.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "hirdb",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "8.0"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "esx",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.1"
},
{
"_id": null,
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "nonstop server h06.22.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"_id": null,
"model": "enterprise linux workstation optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"_id": null,
"model": "nonstop server h06.19.03",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "vcenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.0"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"_id": null,
"model": "cosminexus",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0"
},
{
"_id": null,
"model": "jre 28",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "nonstop server j06.11.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.15",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2011"
},
{
"_id": null,
"model": "nonstop server h06.21.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "virtualcenter",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5"
},
{
"_id": null,
"model": "nonstop server h06.20.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "cosminexus",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "9.0"
},
{
"_id": null,
"model": "vcenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.1"
},
{
"_id": null,
"model": "jre 10-b03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "vcenter update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0"
},
{
"_id": null,
"model": "jre 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "nonstop server j06.05.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.07.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.21.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.19.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "jdk 0 09",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 1.5.0 08",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "rational host on-demand",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0.7"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.10"
},
{
"_id": null,
"model": "cosminexus",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5.0"
},
{
"_id": null,
"model": "nonstop server j06.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.26.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "5"
},
{
"_id": null,
"model": "enterprise linux server optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "nonstop server j06.04.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.04.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.06.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.21.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.06.03",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.17.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 07-b03",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "vcenter update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.1"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "aura system platform sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"_id": null,
"model": "jdk 1.6.0 01-b06",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.20.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "aura system platform sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"_id": null,
"model": "nonstop server j06.10.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "enterprise linux desktop optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "nonstop server h06.17.03",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "enterprise linux hpc node supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "nonstop server h06.16.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0.0 03",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "nonstop server j06.05.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "processing kit for xml",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"_id": null,
"model": "sdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"_id": null,
"model": "rational host on-demand",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0"
},
{
"_id": null,
"model": "nonstop server h06.20.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "jdk 0 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "icedtea",
"scope": "eq",
"trust": 0.3,
"vendor": "icedtea",
"version": "2.1.2"
},
{
"_id": null,
"model": "ucosminexus portal framework",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"_id": null,
"model": "nonstop server j06.09.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "update manager update",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.11"
},
{
"_id": null,
"model": "nonstop server h06.17.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "hirdb",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0"
},
{
"_id": null,
"model": "nonstop server j06.08.03",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.10.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "icedtea",
"scope": "ne",
"trust": 0.3,
"vendor": "icedtea",
"version": "2.2.3"
},
{
"_id": null,
"model": "nonstop server h06.25.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.18.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.27",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server h06.17.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "nonstop server j06.14.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "56067"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-297"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004979"
},
{
"db": "NVD",
"id": "CVE-2012-5085"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:sun:jdk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:sun:jre",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:sun:sdk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_application_server_enterprise",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_application_server_standard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_application_server_version_5",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_client",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developer_light_version_6",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developer_professional_version_6",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developer_standard_version_6",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developer_version_5",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developers_kit_for_java",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_primary_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_server_-_standard_edition_version_4",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_server_-_web_edition_version_4",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_studio",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:hirdb_for_java_xml",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:hitachi_developers_kit_for_java",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:processing_kit_for_xml",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server_enterprise",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server_smart_edition",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server_standard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_client",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_developer",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_developer_light",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_developer_standard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_operator",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_portal_framework",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_primary_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_service_architect",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_service_platform",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-004979"
}
]
},
"credits": {
"_id": null,
"data": "Oracle",
"sources": [
{
"db": "BID",
"id": "56067"
}
],
"trust": 0.3
},
"cve": "CVE-2012-5085",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 0.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "CVE-2012-5085",
"impactScore": 0.0,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.1,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 10.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2012-5085",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2012-5085",
"trust": 1.0,
"value": "LOW"
},
{
"author": "NVD",
"id": "CVE-2012-5085",
"trust": 0.8,
"value": "Low"
},
{
"author": "CNNVD",
"id": "CNNVD-201210-297",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULMON",
"id": "CVE-2012-5085",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-5085"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-297"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004979"
},
{
"db": "NVD",
"id": "CVE-2012-5085"
}
]
},
"description": {
"_id": null,
"data": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote authenticated users to have an unspecified impact via unknown vectors related to Networking. NOTE: the Oracle CPU states that this issue has a 0.0 CVSS score. If so, then this is not a vulnerability and this issue should not be included in CVE. \nThe vulnerability can be exploited over the \u0027Gopher\u0027 protocol. This issue affects the \u0027Networking\u0027 sub-component. \nThis vulnerability affects the following supported versions:\n7 Update 7, 6 Update 35, 5.0 Update 36, 1.4.2_38. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201406-32\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: IcedTea JDK: Multiple vulnerabilities\n Date: June 29, 2014\n Bugs: #312297, #330205, #340819, #346799, #352035, #353418,\n #354231, #355127, #370787, #387637, #404095, #421031,\n #429522, #433389, #438750, #442478, #457206, #458410,\n #461714, #466822, #477210, #489570, #508270\n ID: 201406-32\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in the IcedTea JDK, the worst\nof which could lead to arbitrary code execution. \n\nBackground\n==========\n\nIcedTea is a distribution of the Java OpenJDK source code built with\nfree build tools. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-java/icedtea-bin \u003c 6.1.13.3 \u003e= 6.1.13.3 \n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in the IcedTea JDK. \nPlease review the CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attacker could possibly execute arbitrary code with the\nprivileges of the process, cause a Denial of Service condition, obtain\nsensitive information, bypass intended security policies, or have other\nunspecified impact. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll IcedTea JDK users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-java/icedtea-bin-6.1.13.3\"\n\nReferences\n==========\n\n[ 1 ] CVE-2009-3555\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3555\n[ 2 ] CVE-2010-2548\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2548\n[ 3 ] CVE-2010-2783\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2783\n[ 4 ] CVE-2010-3541\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3541\n[ 5 ] CVE-2010-3548\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3548\n[ 6 ] CVE-2010-3549\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3549\n[ 7 ] CVE-2010-3551\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3551\n[ 8 ] CVE-2010-3553\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3553\n[ 9 ] CVE-2010-3554\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3554\n[ 10 ] CVE-2010-3557\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3557\n[ 11 ] CVE-2010-3561\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3561\n[ 12 ] CVE-2010-3562\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3562\n[ 13 ] CVE-2010-3564\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3564\n[ 14 ] CVE-2010-3565\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3565\n[ 15 ] CVE-2010-3566\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3566\n[ 16 ] CVE-2010-3567\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3567\n[ 17 ] CVE-2010-3568\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3568\n[ 18 ] CVE-2010-3569\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3569\n[ 19 ] CVE-2010-3573\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3573\n[ 20 ] CVE-2010-3574\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3574\n[ 21 ] CVE-2010-3860\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3860\n[ 22 ] CVE-2010-4351\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4351\n[ 23 ] CVE-2010-4448\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4448\n[ 24 ] CVE-2010-4450\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4450\n[ 25 ] CVE-2010-4465\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4465\n[ 26 ] CVE-2010-4467\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4467\n[ 27 ] CVE-2010-4469\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4469\n[ 28 ] CVE-2010-4470\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4470\n[ 29 ] CVE-2010-4471\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4471\n[ 30 ] CVE-2010-4472\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4472\n[ 31 ] CVE-2010-4476\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4476\n[ 32 ] CVE-2011-0025\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0025\n[ 33 ] CVE-2011-0706\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0706\n[ 34 ] CVE-2011-0815\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0815\n[ 35 ] CVE-2011-0822\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0822\n[ 36 ] CVE-2011-0862\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0862\n[ 37 ] CVE-2011-0864\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0864\n[ 38 ] CVE-2011-0865\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0865\n[ 39 ] CVE-2011-0868\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0868\n[ 40 ] CVE-2011-0869\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0869\n[ 41 ] CVE-2011-0870\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0870\n[ 42 ] CVE-2011-0871\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0871\n[ 43 ] CVE-2011-0872\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0872\n[ 44 ] CVE-2011-3389\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3389\n[ 45 ] CVE-2011-3521\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3521\n[ 46 ] CVE-2011-3544\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3544\n[ 47 ] CVE-2011-3547\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3547\n[ 48 ] CVE-2011-3548\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3548\n[ 49 ] CVE-2011-3551\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3551\n[ 50 ] CVE-2011-3552\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3552\n[ 51 ] CVE-2011-3553\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3553\n[ 52 ] CVE-2011-3554\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3554\n[ 53 ] CVE-2011-3556\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3556\n[ 54 ] CVE-2011-3557\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3557\n[ 55 ] CVE-2011-3558\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3558\n[ 56 ] CVE-2011-3560\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3560\n[ 57 ] CVE-2011-3563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563\n[ 58 ] CVE-2011-3571\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3571\n[ 59 ] CVE-2011-5035\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035\n[ 60 ] CVE-2012-0497\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497\n[ 61 ] CVE-2012-0501\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501\n[ 62 ] CVE-2012-0502\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502\n[ 63 ] CVE-2012-0503\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503\n[ 64 ] CVE-2012-0505\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505\n[ 65 ] CVE-2012-0506\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506\n[ 66 ] CVE-2012-0547\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547\n[ 67 ] CVE-2012-1711\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711\n[ 68 ] CVE-2012-1713\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713\n[ 69 ] CVE-2012-1716\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716\n[ 70 ] CVE-2012-1717\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717\n[ 71 ] CVE-2012-1718\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718\n[ 72 ] CVE-2012-1719\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719\n[ 73 ] CVE-2012-1723\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723\n[ 74 ] CVE-2012-1724\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724\n[ 75 ] CVE-2012-1725\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725\n[ 76 ] CVE-2012-1726\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726\n[ 77 ] CVE-2012-3216\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216\n[ 78 ] CVE-2012-3422\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3422\n[ 79 ] CVE-2012-3423\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3423\n[ 80 ] CVE-2012-4416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416\n[ 81 ] CVE-2012-4540\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4540\n[ 82 ] CVE-2012-5068\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068\n[ 83 ] CVE-2012-5069\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069\n[ 84 ] CVE-2012-5070\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070\n[ 85 ] CVE-2012-5071\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071\n[ 86 ] CVE-2012-5072\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072\n[ 87 ] CVE-2012-5073\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073\n[ 88 ] CVE-2012-5074\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074\n[ 89 ] CVE-2012-5075\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075\n[ 90 ] CVE-2012-5076\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076\n[ 91 ] CVE-2012-5077\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077\n[ 92 ] CVE-2012-5081\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081\n[ 93 ] CVE-2012-5084\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084\n[ 94 ] CVE-2012-5085\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085\n[ 95 ] CVE-2012-5086\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086\n[ 96 ] CVE-2012-5087\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087\n[ 97 ] CVE-2012-5089\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089\n[ 98 ] CVE-2012-5979\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5979\n[ 99 ] CVE-2013-0169\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169\n[ 100 ] CVE-2013-0401\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401\n[ 101 ] CVE-2013-0424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0424\n[ 102 ] CVE-2013-0425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0425\n[ 103 ] CVE-2013-0426\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0426\n[ 104 ] CVE-2013-0427\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0427\n[ 105 ] CVE-2013-0428\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0428\n[ 106 ] CVE-2013-0429\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0429\n[ 107 ] CVE-2013-0431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0431\n[ 108 ] CVE-2013-0432\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0432\n[ 109 ] CVE-2013-0433\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0433\n[ 110 ] CVE-2013-0434\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0434\n[ 111 ] CVE-2013-0435\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0435\n[ 112 ] CVE-2013-0440\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0440\n[ 113 ] CVE-2013-0441\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0441\n[ 114 ] CVE-2013-0442\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0442\n[ 115 ] CVE-2013-0443\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0443\n[ 116 ] CVE-2013-0444\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0444\n[ 117 ] CVE-2013-0450\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0450\n[ 118 ] CVE-2013-0809\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809\n[ 119 ] CVE-2013-1475\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1475\n[ 120 ] CVE-2013-1476\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1476\n[ 121 ] CVE-2013-1478\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1478\n[ 122 ] CVE-2013-1480\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1480\n[ 123 ] CVE-2013-1484\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484\n[ 124 ] CVE-2013-1485\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485\n[ 125 ] CVE-2013-1486\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486\n[ 126 ] CVE-2013-1488\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488\n[ 127 ] CVE-2013-1493\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493\n[ 128 ] CVE-2013-1500\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500\n[ 129 ] CVE-2013-1518\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518\n[ 130 ] CVE-2013-1537\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537\n[ 131 ] CVE-2013-1557\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557\n[ 132 ] CVE-2013-1569\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569\n[ 133 ] CVE-2013-1571\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571\n[ 134 ] CVE-2013-2383\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383\n[ 135 ] CVE-2013-2384\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384\n[ 136 ] CVE-2013-2407\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407\n[ 137 ] CVE-2013-2412\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412\n[ 138 ] CVE-2013-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415\n[ 139 ] CVE-2013-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417\n[ 140 ] CVE-2013-2419\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419\n[ 141 ] CVE-2013-2420\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420\n[ 142 ] CVE-2013-2421\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421\n[ 143 ] CVE-2013-2422\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422\n[ 144 ] CVE-2013-2423\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423\n[ 145 ] CVE-2013-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424\n[ 146 ] CVE-2013-2426\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426\n[ 147 ] CVE-2013-2429\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429\n[ 148 ] CVE-2013-2430\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430\n[ 149 ] CVE-2013-2431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431\n[ 150 ] CVE-2013-2436\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436\n[ 151 ] CVE-2013-2443\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443\n[ 152 ] CVE-2013-2444\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444\n[ 153 ] CVE-2013-2445\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445\n[ 154 ] CVE-2013-2446\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446\n[ 155 ] CVE-2013-2447\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447\n[ 156 ] CVE-2013-2448\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448\n[ 157 ] CVE-2013-2449\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449\n[ 158 ] CVE-2013-2450\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450\n[ 159 ] CVE-2013-2451\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451\n[ 160 ] CVE-2013-2452\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452\n[ 161 ] CVE-2013-2453\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453\n[ 162 ] CVE-2013-2454\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454\n[ 163 ] CVE-2013-2455\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455\n[ 164 ] CVE-2013-2456\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456\n[ 165 ] CVE-2013-2457\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457\n[ 166 ] CVE-2013-2458\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458\n[ 167 ] CVE-2013-2459\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459\n[ 168 ] CVE-2013-2460\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460\n[ 169 ] CVE-2013-2461\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461\n[ 170 ] CVE-2013-2463\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463\n[ 171 ] CVE-2013-2465\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465\n[ 172 ] CVE-2013-2469\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469\n[ 173 ] CVE-2013-2470\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470\n[ 174 ] CVE-2013-2471\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471\n[ 175 ] CVE-2013-2472\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472\n[ 176 ] CVE-2013-2473\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473\n[ 177 ] CVE-2013-3829\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829\n[ 178 ] CVE-2013-4002\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4002\n[ 179 ] CVE-2013-5772\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772\n[ 180 ] CVE-2013-5774\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774\n[ 181 ] CVE-2013-5778\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778\n[ 182 ] CVE-2013-5780\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780\n[ 183 ] CVE-2013-5782\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782\n[ 184 ] CVE-2013-5783\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783\n[ 185 ] CVE-2013-5784\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784\n[ 186 ] CVE-2013-5790\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790\n[ 187 ] CVE-2013-5797\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797\n[ 188 ] CVE-2013-5800\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800\n[ 189 ] CVE-2013-5802\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802\n[ 190 ] CVE-2013-5803\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803\n[ 191 ] CVE-2013-5804\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804\n[ 192 ] CVE-2013-5805\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805\n[ 193 ] CVE-2013-5806\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806\n[ 194 ] CVE-2013-5809\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809\n[ 195 ] CVE-2013-5814\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814\n[ 196 ] CVE-2013-5817\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817\n[ 197 ] CVE-2013-5820\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820\n[ 198 ] CVE-2013-5823\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823\n[ 199 ] CVE-2013-5825\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825\n[ 200 ] CVE-2013-5829\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829\n[ 201 ] CVE-2013-5830\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830\n[ 202 ] CVE-2013-5840\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840\n[ 203 ] CVE-2013-5842\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842\n[ 204 ] CVE-2013-5849\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849\n[ 205 ] CVE-2013-5850\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850\n[ 206 ] CVE-2013-5851\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851\n[ 207 ] CVE-2013-6629\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6629\n[ 208 ] CVE-2013-6954\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6954\n[ 209 ] CVE-2014-0429\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0429\n[ 210 ] CVE-2014-0446\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0446\n[ 211 ] CVE-2014-0451\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0451\n[ 212 ] CVE-2014-0452\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0452\n[ 213 ] CVE-2014-0453\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0453\n[ 214 ] CVE-2014-0456\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0456\n[ 215 ] CVE-2014-0457\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0457\n[ 216 ] CVE-2014-0458\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0458\n[ 217 ] CVE-2014-0459\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0459\n[ 218 ] CVE-2014-0460\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0460\n[ 219 ] CVE-2014-0461\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0461\n[ 220 ] CVE-2014-1876\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1876\n[ 221 ] CVE-2014-2397\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2397\n[ 222 ] CVE-2014-2398\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2398\n[ 223 ] CVE-2014-2403\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2403\n[ 224 ] CVE-2014-2412\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2412\n[ 225 ] CVE-2014-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2414\n[ 226 ] CVE-2014-2421\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2421\n[ 227 ] CVE-2014-2423\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2423\n[ 228 ] CVE-2014-2427\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2427\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201406-32.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2014 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n _______________________________________________________________________\n\n Mandriva Linux Security Advisory MDVSA-2012:169\n http://www.mandriva.com/security/\n _______________________________________________________________________\n\n Package : java-1.6.0-openjdk\n Date : November 1, 2012\n Affected: 2011., Enterprise Server 5.0\n _______________________________________________________________________\n\n Problem Description:\n\n Multiple security issues were identified and fixed in OpenJDK\n (icedtea6):\n \n * S6631398, CVE-2012-3216: FilePermission improved path checking\n * S7093490: adjust package access in rmiregistry\n * S7143535, CVE-2012-5068: ScriptEngine corrected permissions\n * S7167656, CVE-2012-5077: Multiple Seeders are being created\n * S7169884, CVE-2012-5073: LogManager checks do not work correctly\n for sub-types\n * S7169888, CVE-2012-5075: Narrowing resource definitions in JMX\n RMI connector\n * S7172522, CVE-2012-5072: Improve DomainCombiner checking\n * S7186286, CVE-2012-5081: TLS implementation to better adhere to RFC\n * S7189103, CVE-2012-5069: Executors needs to maintain state\n * S7189490: More improvements to DomainCombiner checking\n * S7189567, CVE-2012-5085: java net obselete protocol\n * S7192975, CVE-2012-5071: Conditional usage check is wrong\n * S7195194, CVE-2012-5084: Better data validation for Swing\n * S7195917, CVE-2012-5086: XMLDecoder parsing at close-time should\n be improved\n * S7195919, CVE-2012-5979: (sl) ServiceLoader can throw CCE without\n needing to create instance\n * S7198296, CVE-2012-5089: Refactor classloader usage\n * S7158800: Improve storage of symbol tables\n * S7158801: Improve VM CompileOnly option\n * S7158804: Improve config file parsing\n * S7176337: Additional changes needed for 7158801 fix\n * S7198606, CVE-2012-4416: Improve VM optimization\n \n The updated packages provides icedtea6-1.11.5 which is not vulnerable\n to these issues. The verification\n of md5 checksums and GPG signatures is performed automatically for you. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.11 (GNU/Linux)\n\niD8DBQFQklqImqjQ0CJFipgRAiNOAJ4qA9L2NTdql1htD7pQDNJrDlPnUgCguupW\nxu3AOptE+B1OsUdPAeTUH5o=\n=2CFK\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nNote: the current version of the following document is available here:\nhttps://h20566.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c03595351\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c03595351\nVersion: 1\n\nHPSBUX02832 SSRT101042 rev.1 - HP-UX Running Java, Remote Unauthorized\nAccess, Disclosure of Information, and Other Vulnerabilities\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2012-12-12\nLast Updated: 2012-12-12\n\nPotential Security Impact: Remote unauthorized access, disclosure of\ninformation, and other vulnerabilities\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified in Java Runtime\nEnvironment (JRE) and Java Developer Kit (JDK) running on HP-UX. These\nvulnerabilities could allow remote unauthorized access, disclosure of\ninformation, and other exploits. \nHP-UX B.11.11, B.11.23, and B.11.31 running HP JDK and JRE v7.0.03, v6.0.16\nand v5.0.26 and earlier\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2012-1531 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2012-1532 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2012-1533 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2012-3143 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2012-3159 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2012-3216 (AV:N/AC:H/Au:N/C:P/I:N/A:N) 2.6\nCVE-2012-4416 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4\nCVE-2012-5068 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2012-5069 (AV:N/AC:M/Au:N/C:P/I:P/A:N) 5.8\nCVE-2012-5071 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4\nCVE-2012-5072 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2012-5073 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2012-5075 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2012-5077 (AV:N/AC:H/Au:N/C:P/I:N/A:N) 2.6\nCVE-2012-5079 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2012-5081 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2012-5083 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2012-5084 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\nCVE-2012-5085 (AV:N/AC:M/Au:S/C:N/I:N/A:N) 0.0\nCVE-2012-5086 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2012-5087 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2012-5089 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nNOTE: The following apply to both v7.0.03 and v6.0.16 and earlier:\nCVE-2012-1531, CVE-2012-1532, CVE-2012-1533, CVE-2012-3143, CVE-2012-3159,\nCVE-2012-3216, CVE-2012-4416, CVE-2012-5068, CVE-2012-5069, CVE-2012-5071,\nCVE-2012-5072, CVE-2012-5073, CVE-2012-5075, CVE-2012-5077, CVE-2012-5079,\nCVE-2012-5081, CVE-2012-5083, CVE-2012-5084, CVE-2012-5085, CVE-2012-5086,\nCVE-2012-5087, CVE-2012-5089\n\nNOTE: The following apply to v5.0.26 and earlier: CVE-2012-1531,\nCVE-2012-3143, CVE-2012-3216, CVE-2012-5069, CVE-2012-5071, CVE-2012-5073,\nCVE-2012-5075, CVE-2012-5077, CVE-2012-5079, CVE-2012-5081, CVE-2012-5083,\nCVE-2012-5084, CVE-2012-5085, CVE-2012-5089\n\nRESOLUTION\n\nHP has provided the following Java version upgrade to resolve these\nvulnerabilities. \nThe upgrade is available from the following location\n\nhttp://www.hp.com/java\n\nHP-UX B.11.23, B.11.31\n JDK and JRE v7.0.04 or subsequent\n\nHP-UX B.11.11, B.11.23, B.11.31\n JDK and JRE v6.0.17 or subsequent\n\nHP-UX B.11.11, B.11.23, B.11.31\n JDK and JRE v5.0.27 or subsequent\n\nMANUAL ACTIONS: Yes - Update\nFor Java v7.0 update to Java v7.0.04 or subsequent\nFor Java v6.0 update to Java v6.0.17 or subsequent\nFor Java v5.0 update to Java v5.0.27 or subsequent\n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application\nthat replaces HP-UX Security Patch Check. It analyzes all Security Bulletins\nissued by HP and lists recommended actions that may apply to a specific HP-UX\nsystem. It can also download patches and create a depot automatically. For\nmore information see https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS\n\nHP-UX B.11.23\nHP-UX B.11.31\n===========\nJdk70.JDK70-COM\nJdk70.JDK70-DEMO\nJdk70.JDK70-IPF32\nJdk70.JDK70-IPF64\nJre70.JRE70-COM\nJre70.JRE70-IPF32\nJre70.JRE70-IPF32-HS\nJre70.JRE70-IPF64\nJre70.JRE70-IPF64-HS\naction: install revision 1.7.0.04.00 or subsequent\n\nHP-UX B.11.23\nHP-UX B.11.31\n===========\nJdk60.JDK60-COM\nJdk60.JDK60-DEMO\nJdk60.JDK60-IPF32\nJdk60.JDK60-IPF64\nJre60.JRE60-COM\nJre60.JRE60-IPF32\nJre60.JRE60-IPF32-HS\nJre60.JRE60-IPF64\nJre60.JRE60-IPF64-HS\naction: install revision 1.6.0.17.00 or subsequent\n\nHP-UX B.11.23\nHP-UX B.11.31\n===========\nJdk15.JDK15-COM\nJdk15.JDK15-DEMO\nJdk15.JDK15-IPF32\nJdk15.JDK15-IPF64\nJre15.JRE15-COM\nJre15.JRE15-COM-DOC\nJre15.JRE15-IPF32\nJre15.JRE15-IPF32-HS\nJre15.JRE15-IPF64\nJre15.JRE15-IPF64-HS\naction: install revision 1.5.0.27.00 or subsequent\n\nHP-UX B.11.11\nHP-UX B.11.23\n===========\nJdk60.JDK60-COM\nJdk60.JDK60-DEMO\nJdk60.JDK60-PA20\nJdk60.JDK60-PA20W\nJre60.JRE60-COM\nJre60.JRE60-COM-DOC\nJre60.JRE60-PA20\nJre60.JRE60-PA20-HS\nJre60.JRE60-PA20W\nJre60.JRE60-PA20W-HS\naction: install revision 1.6.0.17.00 or subsequent\n\nHP-UX B.11.11\nHP-UX B.11.23\n===========\nJdk15.JDK15-COM\nJdk15.JDK15-DEMO\nJdk15.JDK15-PA20\nJdk15.JDK15-PA20W\nJre15.JRE15-COM\nJre15.JRE15-COM-DOC\nJre15.JRE15-PA20\nJre15.JRE15-PA20-HS\nJre15.JRE15-PA20W\nJre15.JRE15-PA20W-HS\naction: install revision 1.5.0.27.00 or subsequent\n\nEND AFFECTED VERSIONS\n\nHISTORY\nVersion:1 (rev.1) - 12 December 2012 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin List: A list of HP Security Bulletins, updated\nperiodically, is contained in HP Security Notice HPSN-2011-001:\nhttps://h20566.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c02964430\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttp://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2012 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits;damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. Further\ninformation about these flaws can be found on the Oracle Java SE Critical\nPatch Update Advisory page, listed in the References section. ============================================================================\nUbuntu Security Notice USN-1619-1\nOctober 26, 2012\n\nopenjdk-6, openjdk-7 vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.10\n- Ubuntu 12.04 LTS\n- Ubuntu 11.10\n- Ubuntu 11.04\n- Ubuntu 10.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in OpenJDK. An attacker could exploit these\nto cause a denial of service. \nThese issues only affected Ubuntu 12.10. (CVE-2012-5067, CVE-2012-5070)\n\nVulnerabilities were discovered in the OpenJDK JRE related to data\nintegrity. (CVE-2012-5073, CVE-2012-5079)\n\nA vulnerability was discovered in the OpenJDK JRE related to information\ndisclosure and data integrity. This issue only affected Ubuntu 12.10. An attacker could exploit these\nto cause a denial of service. These issues only affected Ubuntu 12.10. \n(CVE-2012-5076, CVE-2012-5087, CVE-2012-5088)\n\nA denial of service vulnerability was found in OpenJDK. (CVE-2012-5081)\n\nPlease see the following for more information:\nhttp://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 12.10:\n icedtea-7-jre-cacao 7u9-2.3.3-0ubuntu1~12.10.1\n icedtea-7-jre-jamvm 7u9-2.3.3-0ubuntu1~12.10.1\n openjdk-7-jre 7u9-2.3.3-0ubuntu1~12.10.1\n openjdk-7-jre-headless 7u9-2.3.3-0ubuntu1~12.10.1\n openjdk-7-jre-lib 7u9-2.3.3-0ubuntu1~12.10.1\n openjdk-7-jre-zero 7u9-2.3.3-0ubuntu1~12.10.1\n\nUbuntu 12.04 LTS:\n icedtea-6-jre-cacao 6b24-1.11.5-0ubuntu1~12.04.1\n icedtea-6-jre-jamvm 6b24-1.11.5-0ubuntu1~12.04.1\n openjdk-6-jre 6b24-1.11.5-0ubuntu1~12.04.1\n openjdk-6-jre-headless 6b24-1.11.5-0ubuntu1~12.04.1\n openjdk-6-jre-lib 6b24-1.11.5-0ubuntu1~12.04.1\n openjdk-6-jre-zero 6b24-1.11.5-0ubuntu1~12.04.1\n\nUbuntu 11.10:\n icedtea-6-jre-cacao 6b24-1.11.5-0ubuntu1~11.10.1\n icedtea-6-jre-jamvm 6b24-1.11.5-0ubuntu1~11.10.1\n openjdk-6-jre 6b24-1.11.5-0ubuntu1~11.10.1\n openjdk-6-jre-headless 6b24-1.11.5-0ubuntu1~11.10.1\n openjdk-6-jre-lib 6b24-1.11.5-0ubuntu1~11.10.1\n openjdk-6-jre-zero 6b24-1.11.5-0ubuntu1~11.10.1\n\nUbuntu 11.04:\n icedtea-6-jre-cacao 6b24-1.11.5-0ubuntu1~11.04.1\n icedtea-6-jre-jamvm 6b24-1.11.5-0ubuntu1~11.04.1\n openjdk-6-jre 6b24-1.11.5-0ubuntu1~11.04.1\n openjdk-6-jre-headless 6b24-1.11.5-0ubuntu1~11.04.1\n openjdk-6-jre-lib 6b24-1.11.5-0ubuntu1~11.04.1\n openjdk-6-jre-zero 6b24-1.11.5-0ubuntu1~11.04.1\n\nUbuntu 10.04 LTS:\n icedtea-6-jre-cacao 6b24-1.11.5-0ubuntu1~10.04.2\n openjdk-6-jre 6b24-1.11.5-0ubuntu1~10.04.2\n openjdk-6-jre-headless 6b24-1.11.5-0ubuntu1~10.04.2\n openjdk-6-jre-lib 6b24-1.11.5-0ubuntu1~10.04.2\n openjdk-6-jre-zero 6b24-1.11.5-0ubuntu1~10.04.2\n\nThis update uses a new upstream release, which includes additional bug\nfixes. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: java-1.7.0-openjdk security update\nAdvisory ID: RHSA-2012:1386-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2012-1386.html\nIssue date: 2012-10-17\nCVE Names: CVE-2012-3216 CVE-2012-4416 CVE-2012-5068 \n CVE-2012-5069 CVE-2012-5070 CVE-2012-5071 \n CVE-2012-5072 CVE-2012-5073 CVE-2012-5074 \n CVE-2012-5075 CVE-2012-5076 CVE-2012-5077 \n CVE-2012-5079 CVE-2012-5081 CVE-2012-5084 \n CVE-2012-5085 CVE-2012-5086 CVE-2012-5087 \n CVE-2012-5088 CVE-2012-5089 \n=====================================================================\n\n1. Summary:\n\nUpdated java-1.7.0-openjdk packages that fix several security issues are\nnow available for Red Hat Enterprise Linux 6. \n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - noarch, x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, noarch, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, noarch, x86_64\n\n3. Description:\n\nThese packages provide the OpenJDK 7 Java Runtime Environment and the\nOpenJDK 7 Software Development Kit. \n\nMultiple improper permission check issues were discovered in the Beans,\nLibraries, Swing, and JMX components in OpenJDK. An untrusted Java\napplication or applet could use these flaws to bypass Java sandbox\nrestrictions. (CVE-2012-5086, CVE-2012-5087, CVE-2012-5088, CVE-2012-5084,\nCVE-2012-5089)\n\nThe default Java security properties configuration did not restrict access\nto certain com.sun.org.glassfish packages. An untrusted Java application\nor applet could use these flaws to bypass Java sandbox restrictions. This\nupdate lists those packages as restricted. (CVE-2012-5076, CVE-2012-5074)\n\nMultiple improper permission check issues were discovered in the Scripting,\nJMX, Concurrency, Libraries, and Security components in OpenJDK. An\nuntrusted Java application or applet could use these flaws to bypass\ncertain Java sandbox restrictions. (CVE-2012-5068, CVE-2012-5071,\nCVE-2012-5069, CVE-2012-5073, CVE-2012-5072)\n\nIt was discovered that java.util.ServiceLoader could create an instance of\nan incompatible class while performing provider lookup. An untrusted Java\napplication or applet could use this flaw to bypass certain Java sandbox\nrestrictions. (CVE-2012-5079)\n\nIt was discovered that the Java Secure Socket Extension (JSSE) SSL/TLS\nimplementation did not properly handle handshake records containing an\noverly large data length value. An unauthenticated, remote attacker could\npossibly use this flaw to cause an SSL/TLS server to terminate with an\nexception. (CVE-2012-5081)\n\nIt was discovered that the JMX component in OpenJDK could perform certain\nactions in an insecure manner. An untrusted Java application or applet\ncould possibly use these flaws to disclose sensitive information. \n(CVE-2012-5070, CVE-2012-5075)\n\nA bug in the Java HotSpot Virtual Machine optimization code could cause it\nto not perform array initialization in certain cases. An untrusted Java\napplication or applet could use this flaw to disclose portions of the\nvirtual machine\u0027s memory. (CVE-2012-4416)\n\nIt was discovered that the SecureRandom class did not properly protect\nagainst the creation of multiple seeders. An untrusted Java application or\napplet could possibly use this flaw to disclose sensitive information. \n(CVE-2012-5077)\n\nIt was discovered that the java.io.FilePermission class exposed the hash\ncode of the canonicalized path name. An untrusted Java application or\napplet could possibly use this flaw to determine certain system paths, such\nas the current working directory. (CVE-2012-3216)\n\nThis update disables Gopher protocol support in the java.net package by\ndefault. Gopher support can be enabled by setting the newly introduced\nproperty, \"jdk.net.registerGopherProtocol\", to true. (CVE-2012-5085)\n\nThis erratum also upgrades the OpenJDK package to IcedTea7 2.3.3. Refer to\nthe NEWS file, linked to in the References, for further information. \n\nAll users of java-1.7.0-openjdk are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK Java\nmust be restarted for the update to take effect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n856124 - CVE-2012-4416 OpenJDK: uninitialized Array JVM memory disclosure (Hotspot, 7198606)\n865346 - CVE-2012-3216 OpenJDK: java.io.FilePermission information leak (Libraries, 6631398)\n865348 - CVE-2012-5068 OpenJDK: RhinoScriptEngine security bypass (Scripting, 7143535)\n865350 - CVE-2012-5070 OpenJDK: EnvHelp information disclosure (JMX, 7158796)\n865352 - CVE-2012-5076 OpenJDK: com.sun.org.glassfish.* not restricted packages (JAX-WS, 7163198)\n865354 - CVE-2012-5077 OpenJDK: SecureRandom mulitple seeders information disclosure (Security, 7167656)\n865357 - CVE-2012-5073 OpenJDK: LogManager security bypass (Libraries, 7169884)\n865359 - CVE-2012-5074 OpenJDK: com.sun.org.glassfish.* not restricted packages (JAX-WS, 7169887)\n865363 - CVE-2012-5075 OpenJDK: RMIConnectionImpl information disclosure (JMX, 7169888)\n865365 - CVE-2012-5072 OpenJDK: AccessController.doPrivilegedWithCombiner() information disclosure (Security, 7172522)\n865370 - CVE-2012-5081 OpenJDK: JSSE denial of service (JSSE, 7186286)\n865428 - CVE-2012-5086 OpenJDK: XMLDecoder sandbox restriction bypass (Beans, 7195917)\n865434 - CVE-2012-5087 OpenJDK: PropertyElementHandler insufficient access checks (Beans, 7195549)\n865471 - CVE-2012-5088 OpenJDK: MethodHandle insufficient access control checks (Libraries, 7196190)\n865511 - CVE-2012-5084 OpenJDK: DefaultFormatter insufficient data validation (Swing, 7195194)\n865514 - CVE-2012-5089 OpenJDK: RMIConnectionImpl insufficient access control checks (JMX, 7198296)\n865519 - CVE-2012-5071 OpenJDK: DescriptorSupport insufficient package access checks (JMX, 7192975)\n865531 - CVE-2012-5069 OpenJDK: Executors state handling issues (Concurrency, 7189103)\n865541 - CVE-2012-5085 OpenJDK: disable Gopher support by default (Gopher, 7189567)\n865568 - CVE-2012-5079 OpenJDK: ServiceLoader reject not subtype classes without instantiating (Libraries, 7195919)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm\n\ni386:\njava-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.i686.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm\n\nx86_64:\njava-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm\n\ni386:\njava-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm\njava-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.i686.rpm\njava-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.i686.rpm\njava-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.i686.rpm\n\nnoarch:\njava-1.7.0-openjdk-javadoc-1.7.0.9-2.3.3.el6_3.1.noarch.rpm\n\nx86_64:\njava-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\njava-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\njava-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\njava-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm\n\nnoarch:\njava-1.7.0-openjdk-javadoc-1.7.0.9-2.3.3.el6_3.1.noarch.rpm\n\nx86_64:\njava-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\njava-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\njava-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\njava-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm\n\ni386:\njava-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.i686.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm\n\nx86_64:\njava-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm\n\ni386:\njava-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm\njava-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.i686.rpm\njava-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.i686.rpm\njava-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.i686.rpm\n\nnoarch:\njava-1.7.0-openjdk-javadoc-1.7.0.9-2.3.3.el6_3.1.noarch.rpm\n\nx86_64:\njava-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\njava-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\njava-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\njava-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm\n\ni386:\njava-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.i686.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm\n\nx86_64:\njava-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm\n\ni386:\njava-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm\njava-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.i686.rpm\njava-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.i686.rpm\njava-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.i686.rpm\n\nnoarch:\njava-1.7.0-openjdk-javadoc-1.7.0.9-2.3.3.el6_3.1.noarch.rpm\n\nx86_64:\njava-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\njava-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\njava-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\njava-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2012-3216.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-4416.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5068.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5069.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5070.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5071.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5072.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5073.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5074.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5075.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5076.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5077.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5079.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5081.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5084.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5085.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5086.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5087.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5088.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5089.html\nhttps://access.redhat.com/security/updates/classification/#important\nhttp://icedtea.classpath.org/hg/release/icedtea7-2.3/file/icedtea-2.3.3/NEWS\nhttp://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2012 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFQftouXlSAg2UNWIIRAu4QAJ9oluAxlU3ZC8CvezRk4Erm08HD+QCeNlqf\nGG07IH3dgJiG+gj47Cm1WNQ=\n=8X+P\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-5085"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004979"
},
{
"db": "BID",
"id": "56067"
},
{
"db": "VULMON",
"id": "CVE-2012-5085"
},
{
"db": "PACKETSTORM",
"id": "117454"
},
{
"db": "PACKETSTORM",
"id": "127267"
},
{
"db": "PACKETSTORM",
"id": "117825"
},
{
"db": "PACKETSTORM",
"id": "118835"
},
{
"db": "PACKETSTORM",
"id": "117477"
},
{
"db": "PACKETSTORM",
"id": "117704"
},
{
"db": "PACKETSTORM",
"id": "117452"
}
],
"trust": 2.61
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2012-5085",
"trust": 3.5
},
{
"db": "HITACHI",
"id": "HS12-023",
"trust": 2.0
},
{
"db": "BID",
"id": "56067",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "51029",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "51141",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "51028",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "51166",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004979",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201210-297",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-17-213-02",
"trust": 0.3
},
{
"db": "VULMON",
"id": "CVE-2012-5085",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117454",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127267",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117825",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "118835",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117477",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117704",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117452",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-5085"
},
{
"db": "BID",
"id": "56067"
},
{
"db": "PACKETSTORM",
"id": "117454"
},
{
"db": "PACKETSTORM",
"id": "127267"
},
{
"db": "PACKETSTORM",
"id": "117825"
},
{
"db": "PACKETSTORM",
"id": "118835"
},
{
"db": "PACKETSTORM",
"id": "117477"
},
{
"db": "PACKETSTORM",
"id": "117704"
},
{
"db": "PACKETSTORM",
"id": "117452"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-297"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004979"
},
{
"db": "NVD",
"id": "CVE-2012-5085"
}
]
},
"id": "VAR-201210-0132",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.75
},
"last_update_date": "2026-04-10T22:30:13.231000Z",
"patch": {
"_id": null,
"data": [
{
"title": "HS12-023",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-023/index.html"
},
{
"title": "HPSBUX02832 SSRT101042",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c03595351"
},
{
"title": "HPSBOV02833 SSRT101043",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c03596813"
},
{
"title": "openSUSE-SU-2012:1423",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00023.html"
},
{
"title": "SUSE-SU-2012:1398",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html"
},
{
"title": "Text Form of Oracle Java SE Critical Patch Update - October 2012 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012verbose-1515981.html"
},
{
"title": "Oracle Java SE Critical Patch Update Advisory - October 2012",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html"
},
{
"title": "RHSA-2012:1391",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2012-1391.html"
},
{
"title": "RHSA-2012:1392",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2012-1392.html"
},
{
"title": "RHSA-2012:1385",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2012-1385.html"
},
{
"title": "RHSA-2012:1386",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2012-1386.html"
},
{
"title": "October 2012 Critical Patch Update and Critical Patch Update for Java SE Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/october_2012_critical_patch_update"
},
{
"title": "XRX13-003",
"trust": 0.8,
"url": "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf"
},
{
"title": "HS12-023",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS12-023/index.html"
},
{
"title": "Oracle Corporation Java\u30d7\u30e9\u30b0\u30a4\u30f3\u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/oracle/20121017.html"
},
{
"title": "Oracle Java SE JRE Fixes for Unknown Security Vulnerabilities in Components",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=192746"
},
{
"title": "Red Hat: Important: java-1.6.0-openjdk security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20121385 - Security Advisory"
},
{
"title": "Red Hat: Critical: java-1.6.0-openjdk security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20121384 - Security Advisory"
},
{
"title": "Red Hat: Important: java-1.7.0-openjdk security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20121386 - Security Advisory"
},
{
"title": "Red Hat: Critical: java-1.6.0-sun security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20121392 - Security Advisory"
},
{
"title": "Red Hat: Critical: java-1.7.0-oracle security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20121391 - Security Advisory"
},
{
"title": "Amazon Linux AMI: ALAS-2012-136",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2012-136"
},
{
"title": "Amazon Linux AMI: ALAS-2012-137",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2012-137"
},
{
"title": "Red Hat: Critical: java-1.5.0-ibm security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20130624 - Security Advisory"
},
{
"title": "Ubuntu Security Notice: openjdk-6, openjdk-7 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-1619-1"
},
{
"title": "Red Hat: Critical: java-1.6.0-ibm security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20130625 - Security Advisory"
},
{
"title": "Red Hat: Critical: java-1.7.0-ibm security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20130626 - Security Advisory"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-5085"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-297"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004979"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-004979"
},
{
"db": "NVD",
"id": "CVE-2012-5085"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.5,
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html"
},
{
"trust": 2.0,
"url": "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_xrx13-003_v1.0.pdf"
},
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2012-1391.html"
},
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2012-1385.html"
},
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2012-1386.html"
},
{
"trust": 1.8,
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/56067"
},
{
"trust": 1.7,
"url": "http://rhn.redhat.com/errata/rhsa-2012-1392.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00023.html"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=135542848327757\u0026w=2"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=135758563611658\u0026w=2"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/51029"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/51028"
},
{
"trust": 1.7,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hs12-023/index.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/51141"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/51166"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2013:150"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a16654"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5085"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20121017-jre.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-5085"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5077"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5075"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4416"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5089"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5071"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5081"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5072"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5086"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5085"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3216"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5068"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5069"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5084"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5073"
},
{
"trust": 0.4,
"url": "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-october/020556.html"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5079"
},
{
"trust": 0.3,
"url": "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-october/020571.html"
},
{
"trust": 0.3,
"url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_fixed_in_java"
},
{
"trust": 0.3,
"url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_fixed_in_java1"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-213-02"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100168011"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100168009"
},
{
"trust": 0.3,
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c03595351"
},
{
"trust": 0.3,
"url": "http://h20566.www2.hp.com/portal/site/hpsc/template.page/public/kb/docdisplay/?docid=emr_na-c03909126-1"
},
{
"trust": 0.3,
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c03596813"
},
{
"trust": 0.3,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/security/info/vuls/hs12-023/index.html"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21625941"
},
{
"trust": 0.3,
"url": "http://www.vmware.com/security/advisories/vmsa-2013-0003.html"
},
{
"trust": 0.3,
"url": "http://www.vmware.com/security/advisories/vmsa-2013-0006.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5072.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5073.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5085.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5086.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2012-4416.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5089.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5079.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5068.html"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5081.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5071.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2012-3216.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5069.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5075.html"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5077.html"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/knowledge/articles/11258"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5084.html"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.3,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1533"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1531"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1532"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3143"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3159"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5087"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5083"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5070"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5076"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5074"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5070.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5076.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5074.html"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5088"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5088.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5087.html"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5067"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2012:1385"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/1619-1/"
},
{
"trust": 0.1,
"url": "https://alas.aws.amazon.com/alas-2012-136.html"
},
{
"trust": 0.1,
"url": "http://icedtea.classpath.org/hg/release/icedtea6-1.10/file/icedtea6-1.10.10/news"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4470"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3574"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3423"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3548"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2469"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0864"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3553"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2443"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1717"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2412"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1716"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0505"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1518"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2419"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3557"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2414"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4450"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3829"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5829"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5804"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1485"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5806"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5087"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2422"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0865"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4471"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5075"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3557"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2426"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3567"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4002"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5084"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1711"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1478"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2461"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5820"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-6954"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2470"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4476"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0547"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4540"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0429"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0441"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2451"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2459"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5823"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2421"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0870"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3554"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0862"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2460"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1713"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0706"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0434"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5784"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3568"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5830"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3561"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5800"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4467"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3567"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2456"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5803"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4465"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4472"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5086"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3556"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0425"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2383"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2423"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2447"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2452"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2445"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2450"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5778"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5780"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5073"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3568"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3548"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1493"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2446"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5069"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-5035"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3541"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3549"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1500"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3571"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0426"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0457"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5850"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2783"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3573"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3552"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0451"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0459"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2423"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1876"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2384"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4469"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0431"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1557"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0458"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2548"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2453"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4448"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3521"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0401"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5085"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2407"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2421"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3564"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2429"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4465"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3569"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2403"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5068"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2548"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0871"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5071"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2398"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0815"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0444"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1475"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0497"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5774"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5782"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3554"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4469"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1725"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5790"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5805"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3564"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5802"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5849"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1719"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3569"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3573"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0461"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2448"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2458"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0427"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3548"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2427"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5825"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0506"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1484"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2430"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3541"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2415"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3549"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0872"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3216"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0429"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1718"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5772"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3860"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3422"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0433"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5074"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3554"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3574"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2454"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2444"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5072"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4470"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4416"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0822"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1537"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3553"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3551"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2449"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0503"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0025"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2457"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1476"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0169"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0809"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5077"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0435"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3544"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0456"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4450"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1723"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1726"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0450"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1571"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4467"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0460"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5081"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3547"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5840"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5851"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2465"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2431"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2473"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-6629"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5783"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4448"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2783"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2463"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3560"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2412"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5809"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1480"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4351"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2420"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0501"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0428"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0869"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2417"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2471"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3551"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5076"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5842"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2397"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0452"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3553"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1569"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1724"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3558"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5797"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5070"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1486"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2472"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0446"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0453"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3860"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1488"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0502"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3561"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0868"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0440"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0443"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3389"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5814"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5817"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4351"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3551"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2455"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3557"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5089"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5075"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5086"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4416"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5089"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3216"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5979"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5081"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5077"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5068"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5071"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5084"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5979"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5073"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5072"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5069"
},
{
"trust": 0.1,
"url": "http://www.hp.com/java"
},
{
"trust": 0.1,
"url": "http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.1,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-3143.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5067.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-1531.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-1532.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-3159.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-5083.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-1533.html"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openjdk-6/6b24-1.11.5-0ubuntu1~11.10.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openjdk-6/6b24-1.11.5-0ubuntu1~12.04.1"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-1619-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openjdk-7/7u9-2.3.3-0ubuntu1~12.10.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openjdk-6/6b24-1.11.5-0ubuntu1~10.04.2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openjdk-6/6b24-1.11.5-0ubuntu1~11.04.1"
},
{
"trust": 0.1,
"url": "http://icedtea.classpath.org/hg/release/icedtea7-2.3/file/icedtea-2.3.3/news"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-5085"
},
{
"db": "BID",
"id": "56067"
},
{
"db": "PACKETSTORM",
"id": "117454"
},
{
"db": "PACKETSTORM",
"id": "127267"
},
{
"db": "PACKETSTORM",
"id": "117825"
},
{
"db": "PACKETSTORM",
"id": "118835"
},
{
"db": "PACKETSTORM",
"id": "117477"
},
{
"db": "PACKETSTORM",
"id": "117704"
},
{
"db": "PACKETSTORM",
"id": "117452"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-297"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004979"
},
{
"db": "NVD",
"id": "CVE-2012-5085"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULMON",
"id": "CVE-2012-5085",
"ident": null
},
{
"db": "BID",
"id": "56067",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "117454",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "127267",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "117825",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "118835",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "117477",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "117704",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "117452",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201210-297",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004979",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2012-5085",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2012-10-16T00:00:00",
"db": "VULMON",
"id": "CVE-2012-5085",
"ident": null
},
{
"date": "2012-10-16T00:00:00",
"db": "BID",
"id": "56067",
"ident": null
},
{
"date": "2012-10-18T06:07:56",
"db": "PACKETSTORM",
"id": "117454",
"ident": null
},
{
"date": "2014-06-30T23:39:28",
"db": "PACKETSTORM",
"id": "127267",
"ident": null
},
{
"date": "2012-11-02T03:34:46",
"db": "PACKETSTORM",
"id": "117825",
"ident": null
},
{
"date": "2012-12-14T02:38:55",
"db": "PACKETSTORM",
"id": "118835",
"ident": null
},
{
"date": "2012-10-18T22:02:02",
"db": "PACKETSTORM",
"id": "117477",
"ident": null
},
{
"date": "2012-10-26T22:43:35",
"db": "PACKETSTORM",
"id": "117704",
"ident": null
},
{
"date": "2012-10-18T06:07:00",
"db": "PACKETSTORM",
"id": "117452",
"ident": null
},
{
"date": "2012-10-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201210-297",
"ident": null
},
{
"date": "2012-10-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-004979",
"ident": null
},
{
"date": "2012-10-16T21:55:02.417000",
"db": "NVD",
"id": "CVE-2012-5085",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2017-11-30T00:00:00",
"db": "VULMON",
"id": "CVE-2012-5085",
"ident": null
},
{
"date": "2017-08-03T11:09:00",
"db": "BID",
"id": "56067",
"ident": null
},
{
"date": "2022-05-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201210-297",
"ident": null
},
{
"date": "2015-03-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-004979",
"ident": null
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2012-5085",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "118835"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-297"
}
],
"trust": 0.7
},
"title": {
"_id": null,
"data": "Oracle Java SE of Java Runtime Environment In Networking Processing vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-004979"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201210-297"
}
],
"trust": 0.6
}
}
VAR-201509-0003
Vulnerability from variot - Updated: 2026-04-10 22:29buffer.c in named in ISC BIND 9.x before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) by creating a zone containing a malformed DNSSEC key and issuing a query for a name in that zone. ISC BIND is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to crash the affected application, denying service to legitimate users. ISC BIND is a set of open source software that implements the DNS protocol maintained by the Internet Systems Consortium (ISC) company in the United States. A security vulnerability exists in the buffer.c file in named in versions 9.x prior to ISC BIND 9.9.7-P3 and 9.10.x prior to 9.10.2-P4.
Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/bind-9.9.7_P3-i486-1_slack14.1.txz: Upgraded. This update fixes two denial-of-service vulnerabilities: + CVE-2015-5722 is a denial-of-service vector which can be exploited remotely against a BIND server that is performing validation on DNSSEC-signed records. Validating recursive resolvers are at the greatest risk from this defect, but it has not been ruled out that it could be exploited against an authoritative-only nameserver under limited conditions. Servers that are not performing validation are not vulnerable. However, ISC does not recommend disabling validation as a workaround to this issue as it exposes the server to other types of attacks. Upgrading to the patched versions is the recommended solution. All versions of BIND since 9.0.0 are vulnerable to CVE-2015-5722. Validation is not required. Recursive resolvers are at the greatest risk from this defect, but it has not been ruled out that it could be exploited against an authoritative-only nameserver under limited conditions. Only versions of BIND since 9.9.7 and 9.10.2 are vulnerable to CVE-2015-5986. For more information, see: https://kb.isc.org/article/AA-01287/0 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5722 https://kb.isc.org/article/AA-01291/0 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5986 ( Security fix ) +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated package for Slackware 13.0: ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/bind-9.9.7_P3-i486-1_slack13.0.txz
Updated package for Slackware x86_64 13.0: ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/bind-9.9.7_P3-x86_64-1_slack13.0.txz
Updated package for Slackware 13.1: ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/bind-9.9.7_P3-i486-1_slack13.1.txz
Updated package for Slackware x86_64 13.1: ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/bind-9.9.7_P3-x86_64-1_slack13.1.txz
Updated package for Slackware 13.37: ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/bind-9.9.7_P3-i486-1_slack13.37.txz
Updated package for Slackware x86_64 13.37: ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/bind-9.9.7_P3-x86_64-1_slack13.37.txz
Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/bind-9.9.7_P3-i486-1_slack14.0.txz
Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/bind-9.9.7_P3-x86_64-1_slack14.0.txz
Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/bind-9.9.7_P3-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/bind-9.9.7_P3-x86_64-1_slack14.1.txz
Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/bind-9.10.2_P4-i586-1.txz
Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/bind-9.10.2_P4-x86_64-1.txz
MD5 signatures: +-------------+
Slackware 13.0 package: 627f6c6827eca24776d790166801de25 bind-9.9.7_P3-i486-1_slack13.0.txz
Slackware x86_64 13.0 package: 49082f50322af84efe8d91459599b837 bind-9.9.7_P3-x86_64-1_slack13.0.txz
Slackware 13.1 package: 4dd375df46e84dbecb9f296e2fec692a bind-9.9.7_P3-i486-1_slack13.1.txz
Slackware x86_64 13.1 package: 90b4376b145544d9a63c28dcb891ca47 bind-9.9.7_P3-x86_64-1_slack13.1.txz
Slackware 13.37 package: 181ce9e11eb9d909c5c06b8ddd5bb1b5 bind-9.9.7_P3-i486-1_slack13.37.txz
Slackware x86_64 13.37 package: 368f7a3b977865b0132bdcd129e70813 bind-9.9.7_P3-x86_64-1_slack13.37.txz
Slackware 14.0 package: 3bb80a54fb5d0f76d17ef33cf06a074d bind-9.9.7_P3-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: d77b36e48e2c033ffa9d99816979304f bind-9.9.7_P3-x86_64-1_slack14.0.txz
Slackware 14.1 package: ada9c70208885b4c7904364e040360f9 bind-9.9.7_P3-i486-1_slack14.1.txz
Slackware x86_64 14.1 package: a78fbe27ba2834d2918fa26ce96d5083 bind-9.9.7_P3-x86_64-1_slack14.1.txz
Slackware -current package: 450614c08d5fac56c8d2701394d1af50 n/bind-9.10.2_P4-i586-1.txz
Slackware x86_64 -current package: 32e680d6bce8dac3ad5ba54958f68f95 n/bind-9.10.2_P4-x86_64-1.txz
Installation instructions: +------------------------+
Upgrade the package as root:
upgradepkg bind-9.9.7_P3-i486-1_slack14.1.txz
Then, restart the name server:
/etc/rc.d/rc.bind restart
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address.
Updates for the oldstable distribution (wheezy) will be released shortly.
For the stable distribution (jessie), this problem has been fixed in version 9.9.5.dfsg-9+deb8u3.
For the unstable distribution (sid), this problem will be fixed soon.
We recommend that you upgrade your bind9 packages.
Release Date: 2015-12-16 Last Updated: 2015-12-16
Potential Security Impact: Remote Denial of Service (DoS)
Source: Hewlett Packard Enterprise, Product Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified in the HP-UX BIND service running named. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS).
References:
CVE-2015-5722 CVE-2015-8000 PSRT102967
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. BIND for HP-UX Release B.11.11 9.3.2 named prior to C.9.3.2.15.0
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2015-5722 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2015-8000 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following software updates to resolve the vulnerabilities in the HP-UX BIND service running named.
-
BIND 9.3.2 for HP-UX Release B.11.11
Depot: HP_UX_11.11_DNSUPGRADE_C.9.3.2.15.0_HP-UX_B.11.11_32_64
Note: The depot files can be found here:
https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNu
mber=BIND
MANUAL ACTIONS: Yes - Update Download and install the software update
PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
For BIND 9.3.2 HP-UX B.11.11 =================== BindUpgrade.BIND-UPGRADE BindUpgrade.BIND2-UPGRADE action: install revision C.9.3.2.15.0 or subsequent
END AFFECTED VERSIONS
HISTORY Version:1 (rev.1) - 16 December 2015 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com.
Report: To report a potential security vulnerability with any HPE supported product, send Email to: security-alert@hpe.com
Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX
Copyright 2015 Hewlett Packard Enterprise
Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: bind security update Advisory ID: RHSA-2016:0078-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0078.html Issue date: 2016-01-28 CVE Names: CVE-2014-8500 CVE-2015-5477 CVE-2015-5722 CVE-2015-8000 =====================================================================
- Summary:
Updated bind packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.4 and 6.5 Advanced Update Support.
Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Server AUS (v. 6.4) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server AUS (v. 6.5) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.4) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.5) - i386, ppc64, s390x, x86_64
- Description:
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.
A denial of service flaw was found in the way BIND followed DNS delegations. A remote attacker could use a specially crafted zone containing a large number of referrals which, when looked up and processed, would cause named to use excessive amounts of memory or crash. (CVE-2014-8500)
A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named (functioning as an authoritative DNS server or a DNS resolver) exit unexpectedly with an assertion failure via a specially crafted DNS request packet. (CVE-2015-5477)
A denial of service flaw was found in the way BIND parsed certain malformed DNSSEC keys. (CVE-2015-5722)
A denial of service flaw was found in the way BIND processed certain records with malformed class attributes. A remote attacker could use this flaw to send a query to request a cached record with a malformed class attribute that would cause named functioning as an authoritative or recursive server to crash. (CVE-2015-8000)
Note: This issue affects authoritative servers as well as recursive servers, however authoritative servers are at limited risk if they perform authentication when making recursive queries to resolve addresses for servers listed in NS RRSETs.
Red Hat would like to thank ISC for reporting the CVE-2015-5477, CVE-2015-5722, and CVE-2015-8000 issues. Upstream acknowledges Jonathan Foote as the original reporter of CVE-2015-5477, and Hanno Böck as the original reporter of CVE-2015-5722.
All bind users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the update, the BIND daemon (named) will be restarted automatically.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Package List:
Red Hat Enterprise Linux Server AUS (v. 6.4):
Source: bind-9.8.2-0.17.rc1.el6_4.7.src.rpm
i386: bind-9.8.2-0.17.rc1.el6_4.7.i686.rpm bind-chroot-9.8.2-0.17.rc1.el6_4.7.i686.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.7.i686.rpm bind-libs-9.8.2-0.17.rc1.el6_4.7.i686.rpm bind-utils-9.8.2-0.17.rc1.el6_4.7.i686.rpm
ppc64: bind-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm bind-chroot-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.7.ppc.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm bind-libs-9.8.2-0.17.rc1.el6_4.7.ppc.rpm bind-libs-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm bind-utils-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm
s390x: bind-9.8.2-0.17.rc1.el6_4.7.s390x.rpm bind-chroot-9.8.2-0.17.rc1.el6_4.7.s390x.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.7.s390.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.7.s390x.rpm bind-libs-9.8.2-0.17.rc1.el6_4.7.s390.rpm bind-libs-9.8.2-0.17.rc1.el6_4.7.s390x.rpm bind-utils-9.8.2-0.17.rc1.el6_4.7.s390x.rpm
x86_64: bind-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm bind-chroot-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.7.i686.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm bind-libs-9.8.2-0.17.rc1.el6_4.7.i686.rpm bind-libs-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm bind-utils-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm
Red Hat Enterprise Linux Server AUS (v. 6.5):
Source: bind-9.8.2-0.23.rc1.el6_5.2.src.rpm
i386: bind-9.8.2-0.23.rc1.el6_5.2.i686.rpm bind-chroot-9.8.2-0.23.rc1.el6_5.2.i686.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.2.i686.rpm bind-libs-9.8.2-0.23.rc1.el6_5.2.i686.rpm bind-utils-9.8.2-0.23.rc1.el6_5.2.i686.rpm
ppc64: bind-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm bind-chroot-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.2.ppc.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm bind-libs-9.8.2-0.23.rc1.el6_5.2.ppc.rpm bind-libs-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm bind-utils-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm
s390x: bind-9.8.2-0.23.rc1.el6_5.2.s390x.rpm bind-chroot-9.8.2-0.23.rc1.el6_5.2.s390x.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.2.s390.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.2.s390x.rpm bind-libs-9.8.2-0.23.rc1.el6_5.2.s390.rpm bind-libs-9.8.2-0.23.rc1.el6_5.2.s390x.rpm bind-utils-9.8.2-0.23.rc1.el6_5.2.s390x.rpm
x86_64: bind-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm bind-chroot-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.2.i686.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm bind-libs-9.8.2-0.23.rc1.el6_5.2.i686.rpm bind-libs-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm bind-utils-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 6.4):
Source: bind-9.8.2-0.17.rc1.el6_4.7.src.rpm
i386: bind-debuginfo-9.8.2-0.17.rc1.el6_4.7.i686.rpm bind-devel-9.8.2-0.17.rc1.el6_4.7.i686.rpm bind-sdb-9.8.2-0.17.rc1.el6_4.7.i686.rpm
ppc64: bind-debuginfo-9.8.2-0.17.rc1.el6_4.7.ppc.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm bind-devel-9.8.2-0.17.rc1.el6_4.7.ppc.rpm bind-devel-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm bind-sdb-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm
s390x: bind-debuginfo-9.8.2-0.17.rc1.el6_4.7.s390.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.7.s390x.rpm bind-devel-9.8.2-0.17.rc1.el6_4.7.s390.rpm bind-devel-9.8.2-0.17.rc1.el6_4.7.s390x.rpm bind-sdb-9.8.2-0.17.rc1.el6_4.7.s390x.rpm
x86_64: bind-debuginfo-9.8.2-0.17.rc1.el6_4.7.i686.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm bind-devel-9.8.2-0.17.rc1.el6_4.7.i686.rpm bind-devel-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm bind-sdb-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 6.5):
Source: bind-9.8.2-0.23.rc1.el6_5.2.src.rpm
i386: bind-debuginfo-9.8.2-0.23.rc1.el6_5.2.i686.rpm bind-devel-9.8.2-0.23.rc1.el6_5.2.i686.rpm bind-sdb-9.8.2-0.23.rc1.el6_5.2.i686.rpm
ppc64: bind-debuginfo-9.8.2-0.23.rc1.el6_5.2.ppc.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm bind-devel-9.8.2-0.23.rc1.el6_5.2.ppc.rpm bind-devel-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm bind-sdb-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm
s390x: bind-debuginfo-9.8.2-0.23.rc1.el6_5.2.s390.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.2.s390x.rpm bind-devel-9.8.2-0.23.rc1.el6_5.2.s390.rpm bind-devel-9.8.2-0.23.rc1.el6_5.2.s390x.rpm bind-sdb-9.8.2-0.23.rc1.el6_5.2.s390x.rpm
x86_64: bind-debuginfo-9.8.2-0.23.rc1.el6_5.2.i686.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm bind-devel-9.8.2-0.23.rc1.el6_5.2.i686.rpm bind-devel-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm bind-sdb-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2014-8500 https://access.redhat.com/security/cve/CVE-2015-5477 https://access.redhat.com/security/cve/CVE-2015-5722 https://access.redhat.com/security/cve/CVE-2015-8000 https://access.redhat.com/security/updates/classification/#important https://kb.isc.org/article/AA-01216 https://kb.isc.org/article/AA-01272 https://kb.isc.org/article/AA-01287 https://kb.isc.org/article/AA-01317
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFWqhylXlSAg2UNWIIRAqZ/AKCoKFjvPavmvpq8cC3SSEMtpGtycQCfShgo 0jc/9uvkc44V3h5ZDR/fILQ= =90gw -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-dns/bind < 9.10.2_p4 >= 9.10.2_p4
Description
A vulnerability has been discovered in BIND's named utility leading to a Denial of Service condition.
Impact
A remote attacker may be able to cause Denial of Service condition via specially constructed zone data.
Workaround
There is no known workaround at this time.
Resolution
All BIND users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-dns/bind-9.10.2_p4"
References
[ 1 ] CVE-2015-1349 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1349 [ 2 ] CVE-2015-4620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4620 [ 3 ] CVE-2015-5477 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5477 [ 4 ] CVE-2015-5722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5722 [ 5 ] CVE-2015-5986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5986
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201510-01
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2015 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "bind",
"scope": "lte",
"trust": 1.0,
"vendor": "isc",
"version": "9.9.7"
},
{
"_id": null,
"model": "bind",
"scope": "lte",
"trust": 1.0,
"vendor": "isc",
"version": "9.10.2"
},
{
"_id": null,
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "5.0.15"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.6,
"vendor": "isc",
"version": "9.9.7"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.6,
"vendor": "isc",
"version": "9.10.2"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "15.04"
},
{
"_id": null,
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "linux enterprise server sp4 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "opensuse evergreen",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"_id": null,
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"_id": null,
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "13.2"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "13.1"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "vm server for",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "x863.4"
},
{
"_id": null,
"model": "vm server for",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "x863.3"
},
{
"_id": null,
"model": "vm server for",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "x863.2"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.2"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.6"
},
{
"_id": null,
"model": "bind p3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.5.1"
},
{
"_id": null,
"model": "bind p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.5.1"
},
{
"_id": null,
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.5"
},
{
"_id": null,
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.5"
},
{
"_id": null,
"model": "bind p3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4.3"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4.3"
},
{
"_id": null,
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4.1"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4.1"
},
{
"_id": null,
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "bind b4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"_id": null,
"model": "bind p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.6"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.6"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.5"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.4"
},
{
"_id": null,
"model": "bind rc3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"_id": null,
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"_id": null,
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"_id": null,
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"_id": null,
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"_id": null,
"model": "bind -p2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"_id": null,
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.8"
},
{
"_id": null,
"model": "bind rc3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"_id": null,
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"_id": null,
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"_id": null,
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"_id": null,
"model": "bind -p2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"_id": null,
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"_id": null,
"model": "bind 9.7.1-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.1"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.1"
},
{
"_id": null,
"model": "bind p2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.0"
},
{
"_id": null,
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.0"
},
{
"_id": null,
"model": "bind 9.6.1-p3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.6.1-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.6.0-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.5.2-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.5.2-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.5.1b1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.5.0b2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.5.0b1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.5.0a7",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.5.0a6",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.5.0a5",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.5.0a4",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.5.0a3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.5.0-p2-w2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.5.0-p2-w1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.5.0-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.4.3b2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.4.3-p5",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.4.3-p4",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.4.3-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.4.2-p2-w2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.4.2-p2-w1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.4.2-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.3.5-p2-w1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "bind 9.3.5-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.14"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.4.0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.50"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.4"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.3"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.2"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.6"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.5"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.4"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.9"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.8"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.3"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.1"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.13"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.12"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.11"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.10"
},
{
"_id": null,
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.13"
},
{
"_id": null,
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.12"
},
{
"_id": null,
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.1"
},
{
"_id": null,
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v39.7"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v310.1"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v29.7"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v210.1"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v19.7"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v110.1"
},
{
"_id": null,
"model": "security proventia network enterprise scanner",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"_id": null,
"model": "netezza host management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.9.0"
},
{
"_id": null,
"model": "netezza host management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.8.0"
},
{
"_id": null,
"model": "netezza host management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.7.0"
},
{
"_id": null,
"model": "netezza host management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.6.0"
},
{
"_id": null,
"model": "netezza host management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.3"
},
{
"_id": null,
"model": "netezza host management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.0"
},
{
"_id": null,
"model": "lotus protector for mail security",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.80"
},
{
"_id": null,
"model": "lotus protector for mail security",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.8.1.0"
},
{
"_id": null,
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "vcx",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.8.17"
},
{
"_id": null,
"model": "hp-ux b.11.31.09",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "hp-ux b.11.31.08",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "hp-ux b.11.31.06",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"_id": null,
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"_id": null,
"model": "9.3-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-release-p24",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-release-p22",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-release-p21",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-release-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-release-p13",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-rc3-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-rc2-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-rc2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-rc1-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-rc",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-beta3-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-beta1-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-beta1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-beta1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.3"
},
{
"_id": null,
"model": "9.2-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p8",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p16",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p15",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p13",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p12",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-rc3-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-rc2-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-rc2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-rc1-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.2-rc1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.2"
},
{
"_id": null,
"model": "rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.2"
},
{
"_id": null,
"model": "prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.2"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.2"
},
{
"_id": null,
"model": "9.1-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p23",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p22",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p20",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p19",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p18",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p17",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p16",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p15",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p14",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p12",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-rc2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1-rc1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.1--releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.1"
},
{
"_id": null,
"model": "release-p4",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.1"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.1"
},
{
"_id": null,
"model": "9.0-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.0-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.0-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.0-release",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.0-rc3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.0-rc1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.0--releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.0"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "5"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x5.0.3"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x4.1.5"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x3.2.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x3.2.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x3.1.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x2.2.5"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x2.2.3"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x2.2.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x2.2.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x2.1.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x4.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x4.0"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x3.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x3.0"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x2.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x2.0"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.0.4"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.1"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.0"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.15.2"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.15.1"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.15"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.14"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.13"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.12.1"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.12"
},
{
"_id": null,
"model": "netezza host management",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.10.0"
},
{
"_id": null,
"model": "vcx",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "9.8.18"
},
{
"_id": null,
"model": "hp-ux c.9.7.3.8.0",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "9.3-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "9.3-release-p25",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x5.0.15"
},
{
"_id": null,
"model": "alienvault",
"scope": "ne",
"trust": 0.3,
"vendor": "alienvault",
"version": "5.2"
}
],
"sources": [
{
"db": "BID",
"id": "76605"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-057"
},
{
"db": "NVD",
"id": "CVE-2015-5722"
}
]
},
"credits": {
"_id": null,
"data": "Hanno B\u0026amp;amp;amp;amp;amp;amp;amp;ouml;ck from the Fuzzing Project",
"sources": [
{
"db": "BID",
"id": "76605"
}
],
"trust": 0.3
},
"cve": "CVE-2015-5722",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-5722",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-83683",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-5722",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201509-057",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-83683",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2015-5722",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-83683"
},
{
"db": "VULMON",
"id": "CVE-2015-5722"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-057"
},
{
"db": "NVD",
"id": "CVE-2015-5722"
}
]
},
"description": {
"_id": null,
"data": "buffer.c in named in ISC BIND 9.x before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) by creating a zone containing a malformed DNSSEC key and issuing a query for a name in that zone. ISC BIND is prone to a remote denial-of-service vulnerability. \nAttackers can exploit this issue to crash the affected application, denying service to legitimate users. ISC BIND is a set of open source software that implements the DNS protocol maintained by the Internet Systems Consortium (ISC) company in the United States. A security vulnerability exists in the buffer.c file in named in versions 9.x prior to ISC BIND 9.9.7-P3 and 9.10.x prior to 9.10.2-P4. \n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n+--------------------------+\npatches/packages/bind-9.9.7_P3-i486-1_slack14.1.txz: Upgraded. \n This update fixes two denial-of-service vulnerabilities:\n + CVE-2015-5722 is a denial-of-service vector which can be\n exploited remotely against a BIND server that is performing\n validation on DNSSEC-signed records. Validating recursive\n resolvers are at the greatest risk from this defect, but it has not\n been ruled out that it could be exploited against an\n authoritative-only nameserver under limited conditions. Servers\n that are not performing validation are not vulnerable. However,\n ISC does not recommend disabling validation as a workaround to\n this issue as it exposes the server to other types of attacks. \n Upgrading to the patched versions is the recommended solution. \n All versions of BIND since 9.0.0 are vulnerable to CVE-2015-5722. Validation\n is not required. Recursive resolvers are at the greatest risk\n from this defect, but it has not been ruled out that it could\n be exploited against an authoritative-only nameserver under\n limited conditions. \n Only versions of BIND since 9.9.7 and 9.10.2 are vulnerable to\n CVE-2015-5986. \n For more information, see:\n https://kb.isc.org/article/AA-01287/0\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5722\n https://kb.isc.org/article/AA-01291/0\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5986\n (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/bind-9.9.7_P3-i486-1_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/bind-9.9.7_P3-x86_64-1_slack13.0.txz\n\nUpdated package for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/bind-9.9.7_P3-i486-1_slack13.1.txz\n\nUpdated package for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/bind-9.9.7_P3-x86_64-1_slack13.1.txz\n\nUpdated package for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/bind-9.9.7_P3-i486-1_slack13.37.txz\n\nUpdated package for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/bind-9.9.7_P3-x86_64-1_slack13.37.txz\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/bind-9.9.7_P3-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/bind-9.9.7_P3-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/bind-9.9.7_P3-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/bind-9.9.7_P3-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/bind-9.10.2_P4-i586-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/bind-9.10.2_P4-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 13.0 package:\n627f6c6827eca24776d790166801de25 bind-9.9.7_P3-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 package:\n49082f50322af84efe8d91459599b837 bind-9.9.7_P3-x86_64-1_slack13.0.txz\n\nSlackware 13.1 package:\n4dd375df46e84dbecb9f296e2fec692a bind-9.9.7_P3-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 package:\n90b4376b145544d9a63c28dcb891ca47 bind-9.9.7_P3-x86_64-1_slack13.1.txz\n\nSlackware 13.37 package:\n181ce9e11eb9d909c5c06b8ddd5bb1b5 bind-9.9.7_P3-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 package:\n368f7a3b977865b0132bdcd129e70813 bind-9.9.7_P3-x86_64-1_slack13.37.txz\n\nSlackware 14.0 package:\n3bb80a54fb5d0f76d17ef33cf06a074d bind-9.9.7_P3-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\nd77b36e48e2c033ffa9d99816979304f bind-9.9.7_P3-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\nada9c70208885b4c7904364e040360f9 bind-9.9.7_P3-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\na78fbe27ba2834d2918fa26ce96d5083 bind-9.9.7_P3-x86_64-1_slack14.1.txz\n\nSlackware -current package:\n450614c08d5fac56c8d2701394d1af50 n/bind-9.10.2_P4-i586-1.txz\n\nSlackware x86_64 -current package:\n32e680d6bce8dac3ad5ba54958f68f95 n/bind-9.10.2_P4-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg bind-9.9.7_P3-i486-1_slack14.1.txz\n\nThen, restart the name server:\n\n# /etc/rc.d/rc.bind restart\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address. \n\nUpdates for the oldstable distribution (wheezy) will be released shortly. \n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 9.9.5.dfsg-9+deb8u3. \n\nFor the unstable distribution (sid), this problem will be fixed soon. \n\nWe recommend that you upgrade your bind9 packages. \n\nRelease Date: 2015-12-16\nLast Updated: 2015-12-16\n\nPotential Security Impact: Remote Denial of Service (DoS)\n\nSource: Hewlett Packard Enterprise, Product Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified in the HP-UX BIND\nservice running named. The vulnerabilities could be exploited remotely to\ncreate a Denial of Service (DoS). \n\nReferences:\n\n CVE-2015-5722\n CVE-2015-8000\n PSRT102967\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nBIND for HP-UX Release B.11.11 9.3.2 named prior to C.9.3.2.15.0\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2015-5722 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2015-8000 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided the following software updates to resolve the vulnerabilities\nin the HP-UX BIND service running named. \n\n - BIND 9.3.2 for HP-UX Release B.11.11\n\n Depot: HP_UX_11.11_DNSUPGRADE_C.9.3.2.15.0_HP-UX_B.11.11_32_64\n\n Note: The depot files can be found here:\n\n https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNu\nmber=BIND\n\nMANUAL ACTIONS: Yes - Update\nDownload and install the software update\n\nPRODUCT SPECIFIC INFORMATION\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application\nthat replaces HP-UX Security Patch Check. It analyzes all Security Bulletins\nissued by HP and lists recommended actions that may apply to a specific HP-UX\nsystem. It can also download patches and create a depot automatically. For\nmore information see: https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS\n\nFor BIND 9.3.2\nHP-UX B.11.11\n===================\nBindUpgrade.BIND-UPGRADE\nBindUpgrade.BIND2-UPGRADE\naction: install revision C.9.3.2.15.0 or subsequent\n\nEND AFFECTED VERSIONS\n\nHISTORY\nVersion:1 (rev.1) - 16 December 2015 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running Hewlett Packard Enterprise (HPE) software\nproducts should be applied in accordance with the customer\u0027s patch management\npolicy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HPE Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hpe.com. \n\nReport: To report a potential security vulnerability with any HPE supported\nproduct, send Email to: security-alert@hpe.com\n\nSubscribe: To initiate a subscription to receive future HPE Security Bulletin\nalerts via Email: http://www.hpe.com/support/Subscriber_Choice\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here: http://www.hpe.com/support/Security_Bulletin_Archive\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HPE General Software\nHF = HPE Hardware and Firmware\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPV = ProCurve\nST = Storage Software\nUX = HP-UX\n\nCopyright 2015 Hewlett Packard Enterprise\n\nHewlett Packard Enterprise shall not be liable for technical or editorial\nerrors or omissions contained herein. The information provided is provided\n\"as is\" without warranty of any kind. To the extent permitted by law, neither\nHP or its affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. Hewlett\nPackard Enterprise and the names of Hewlett Packard Enterprise products\nreferenced herein are trademarks of Hewlett Packard Enterprise in the United\nStates and other countries. Other product and company names mentioned herein\nmay be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: bind security update\nAdvisory ID: RHSA-2016:0078-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0078.html\nIssue date: 2016-01-28\nCVE Names: CVE-2014-8500 CVE-2015-5477 CVE-2015-5722 \n CVE-2015-8000 \n=====================================================================\n\n1. Summary:\n\nUpdated bind packages that fix multiple security issues are now available\nfor Red Hat Enterprise Linux 6.4 and 6.5 Advanced Update Support. \n\nRed Hat Product Security has rated this update as having Important security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Server AUS (v. 6.4) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server AUS (v. 6.5) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 6.4) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 6.5) - i386, ppc64, s390x, x86_64\n\n3. Description:\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly. \n\nA denial of service flaw was found in the way BIND followed DNS\ndelegations. A remote attacker could use a specially crafted zone\ncontaining a large number of referrals which, when looked up and processed,\nwould cause named to use excessive amounts of memory or crash. \n(CVE-2014-8500)\n\nA flaw was found in the way BIND handled requests for TKEY DNS resource\nrecords. A remote attacker could use this flaw to make named (functioning\nas an authoritative DNS server or a DNS resolver) exit unexpectedly with an\nassertion failure via a specially crafted DNS request packet. \n(CVE-2015-5477)\n\nA denial of service flaw was found in the way BIND parsed certain malformed\nDNSSEC keys. (CVE-2015-5722)\n\nA denial of service flaw was found in the way BIND processed certain\nrecords with malformed class attributes. A remote attacker could use this\nflaw to send a query to request a cached record with a malformed class\nattribute that would cause named functioning as an authoritative or\nrecursive server to crash. (CVE-2015-8000)\n\nNote: This issue affects authoritative servers as well as recursive\nservers, however authoritative servers are at limited risk if they perform\nauthentication when making recursive queries to resolve addresses for\nservers listed in NS RRSETs. \n\nRed Hat would like to thank ISC for reporting the CVE-2015-5477,\nCVE-2015-5722, and CVE-2015-8000 issues. Upstream acknowledges Jonathan\nFoote as the original reporter of CVE-2015-5477, and Hanno B\u00f6ck as the\noriginal reporter of CVE-2015-5722. \n\nAll bind users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdate, the BIND daemon (named) will be restarted automatically. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Package List:\n\nRed Hat Enterprise Linux Server AUS (v. 6.4):\n\nSource:\nbind-9.8.2-0.17.rc1.el6_4.7.src.rpm\n\ni386:\nbind-9.8.2-0.17.rc1.el6_4.7.i686.rpm\nbind-chroot-9.8.2-0.17.rc1.el6_4.7.i686.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.7.i686.rpm\nbind-libs-9.8.2-0.17.rc1.el6_4.7.i686.rpm\nbind-utils-9.8.2-0.17.rc1.el6_4.7.i686.rpm\n\nppc64:\nbind-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm\nbind-chroot-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.7.ppc.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm\nbind-libs-9.8.2-0.17.rc1.el6_4.7.ppc.rpm\nbind-libs-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm\nbind-utils-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm\n\ns390x:\nbind-9.8.2-0.17.rc1.el6_4.7.s390x.rpm\nbind-chroot-9.8.2-0.17.rc1.el6_4.7.s390x.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.7.s390.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.7.s390x.rpm\nbind-libs-9.8.2-0.17.rc1.el6_4.7.s390.rpm\nbind-libs-9.8.2-0.17.rc1.el6_4.7.s390x.rpm\nbind-utils-9.8.2-0.17.rc1.el6_4.7.s390x.rpm\n\nx86_64:\nbind-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm\nbind-chroot-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.7.i686.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm\nbind-libs-9.8.2-0.17.rc1.el6_4.7.i686.rpm\nbind-libs-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm\nbind-utils-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm\n\nRed Hat Enterprise Linux Server AUS (v. 6.5):\n\nSource:\nbind-9.8.2-0.23.rc1.el6_5.2.src.rpm\n\ni386:\nbind-9.8.2-0.23.rc1.el6_5.2.i686.rpm\nbind-chroot-9.8.2-0.23.rc1.el6_5.2.i686.rpm\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.2.i686.rpm\nbind-libs-9.8.2-0.23.rc1.el6_5.2.i686.rpm\nbind-utils-9.8.2-0.23.rc1.el6_5.2.i686.rpm\n\nppc64:\nbind-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm\nbind-chroot-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.2.ppc.rpm\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm\nbind-libs-9.8.2-0.23.rc1.el6_5.2.ppc.rpm\nbind-libs-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm\nbind-utils-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm\n\ns390x:\nbind-9.8.2-0.23.rc1.el6_5.2.s390x.rpm\nbind-chroot-9.8.2-0.23.rc1.el6_5.2.s390x.rpm\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.2.s390.rpm\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.2.s390x.rpm\nbind-libs-9.8.2-0.23.rc1.el6_5.2.s390.rpm\nbind-libs-9.8.2-0.23.rc1.el6_5.2.s390x.rpm\nbind-utils-9.8.2-0.23.rc1.el6_5.2.s390x.rpm\n\nx86_64:\nbind-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm\nbind-chroot-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.2.i686.rpm\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm\nbind-libs-9.8.2-0.23.rc1.el6_5.2.i686.rpm\nbind-libs-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm\nbind-utils-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 6.4):\n\nSource:\nbind-9.8.2-0.17.rc1.el6_4.7.src.rpm\n\ni386:\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.7.i686.rpm\nbind-devel-9.8.2-0.17.rc1.el6_4.7.i686.rpm\nbind-sdb-9.8.2-0.17.rc1.el6_4.7.i686.rpm\n\nppc64:\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.7.ppc.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm\nbind-devel-9.8.2-0.17.rc1.el6_4.7.ppc.rpm\nbind-devel-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm\nbind-sdb-9.8.2-0.17.rc1.el6_4.7.ppc64.rpm\n\ns390x:\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.7.s390.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.7.s390x.rpm\nbind-devel-9.8.2-0.17.rc1.el6_4.7.s390.rpm\nbind-devel-9.8.2-0.17.rc1.el6_4.7.s390x.rpm\nbind-sdb-9.8.2-0.17.rc1.el6_4.7.s390x.rpm\n\nx86_64:\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.7.i686.rpm\nbind-debuginfo-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm\nbind-devel-9.8.2-0.17.rc1.el6_4.7.i686.rpm\nbind-devel-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm\nbind-sdb-9.8.2-0.17.rc1.el6_4.7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 6.5):\n\nSource:\nbind-9.8.2-0.23.rc1.el6_5.2.src.rpm\n\ni386:\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.2.i686.rpm\nbind-devel-9.8.2-0.23.rc1.el6_5.2.i686.rpm\nbind-sdb-9.8.2-0.23.rc1.el6_5.2.i686.rpm\n\nppc64:\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.2.ppc.rpm\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm\nbind-devel-9.8.2-0.23.rc1.el6_5.2.ppc.rpm\nbind-devel-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm\nbind-sdb-9.8.2-0.23.rc1.el6_5.2.ppc64.rpm\n\ns390x:\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.2.s390.rpm\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.2.s390x.rpm\nbind-devel-9.8.2-0.23.rc1.el6_5.2.s390.rpm\nbind-devel-9.8.2-0.23.rc1.el6_5.2.s390x.rpm\nbind-sdb-9.8.2-0.23.rc1.el6_5.2.s390x.rpm\n\nx86_64:\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.2.i686.rpm\nbind-debuginfo-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm\nbind-devel-9.8.2-0.23.rc1.el6_5.2.i686.rpm\nbind-devel-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm\nbind-sdb-9.8.2-0.23.rc1.el6_5.2.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2014-8500\nhttps://access.redhat.com/security/cve/CVE-2015-5477\nhttps://access.redhat.com/security/cve/CVE-2015-5722\nhttps://access.redhat.com/security/cve/CVE-2015-8000\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://kb.isc.org/article/AA-01216\nhttps://kb.isc.org/article/AA-01272\nhttps://kb.isc.org/article/AA-01287\nhttps://kb.isc.org/article/AA-01317\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFWqhylXlSAg2UNWIIRAqZ/AKCoKFjvPavmvpq8cC3SSEMtpGtycQCfShgo\n0jc/9uvkc44V3h5ZDR/fILQ=\n=90gw\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-dns/bind \u003c 9.10.2_p4 \u003e= 9.10.2_p4 \n\nDescription\n===========\n\nA vulnerability has been discovered in BIND\u0027s named utility leading to\na Denial of Service condition. \n\nImpact\n======\n\nA remote attacker may be able to cause Denial of Service condition via\nspecially constructed zone data. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll BIND users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-dns/bind-9.10.2_p4\"\n\nReferences\n==========\n\n[ 1 ] CVE-2015-1349\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1349\n[ 2 ] CVE-2015-4620\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4620\n[ 3 ] CVE-2015-5477\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5477\n[ 4 ] CVE-2015-5722\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5722\n[ 5 ] CVE-2015-5986\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5986\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201510-01\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2015 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-5722"
},
{
"db": "BID",
"id": "76605"
},
{
"db": "VULHUB",
"id": "VHN-83683"
},
{
"db": "VULMON",
"id": "CVE-2015-5722"
},
{
"db": "PACKETSTORM",
"id": "133411"
},
{
"db": "PACKETSTORM",
"id": "133410"
},
{
"db": "PACKETSTORM",
"id": "134864"
},
{
"db": "PACKETSTORM",
"id": "135473"
},
{
"db": "PACKETSTORM",
"id": "135472"
},
{
"db": "PACKETSTORM",
"id": "134008"
}
],
"trust": 1.89
},
"exploit_availability": {
"_id": null,
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-83683",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-83683"
}
]
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2015-5722",
"trust": 2.7
},
{
"db": "ISC",
"id": "AA-01287",
"trust": 2.4
},
{
"db": "BID",
"id": "76605",
"trust": 1.5
},
{
"db": "ISC",
"id": "AA-01306",
"trust": 1.2
},
{
"db": "ISC",
"id": "AA-01438",
"trust": 1.2
},
{
"db": "ISC",
"id": "AA-01307",
"trust": 1.2
},
{
"db": "ISC",
"id": "AA-01305",
"trust": 1.2
},
{
"db": "MCAFEE",
"id": "SB10134",
"trust": 1.2
},
{
"db": "SECTRACK",
"id": "1033452",
"trust": 1.2
},
{
"db": "CNNVD",
"id": "CNNVD-201509-057",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "133410",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "133411",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "134864",
"trust": 0.2
},
{
"db": "ISC",
"id": "AA-01317",
"trust": 0.2
},
{
"db": "ISC",
"id": "AA-01272",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "134441",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133407",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "134059",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133423",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133408",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133434",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133409",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-83683",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-5722",
"trust": 0.1
},
{
"db": "ISC",
"id": "AA-01291",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135473",
"trust": 0.1
},
{
"db": "ISC",
"id": "AA-01216",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135472",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "134008",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-83683"
},
{
"db": "VULMON",
"id": "CVE-2015-5722"
},
{
"db": "BID",
"id": "76605"
},
{
"db": "PACKETSTORM",
"id": "133411"
},
{
"db": "PACKETSTORM",
"id": "133410"
},
{
"db": "PACKETSTORM",
"id": "134864"
},
{
"db": "PACKETSTORM",
"id": "135473"
},
{
"db": "PACKETSTORM",
"id": "135472"
},
{
"db": "PACKETSTORM",
"id": "134008"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-057"
},
{
"db": "NVD",
"id": "CVE-2015-5722"
}
]
},
"id": "VAR-201509-0003",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-83683"
}
],
"trust": 0.01
},
"last_update_date": "2026-04-10T22:29:18.635000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Debian Security Advisories: DSA-3350-1 bind9 -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=2d4f632833a43c4eaa5805f28e3b91fe"
},
{
"title": "Ubuntu Security Notice: bind9 vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2728-1"
},
{
"title": "Amazon Linux AMI: ALAS-2015-594",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2015-594"
},
{
"title": "Apple: OS X Server 5.0.15",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=e4f689e38c48c81fbfd32d7313793956"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=8b701aba68029ec36b631a8e26157a22"
},
{
"title": "Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins\u0026qid=6c15273f6bf4a785175f27073b98a1ce"
},
{
"title": "afl-cve",
"trust": 0.1,
"url": "https://github.com/mrash/afl-cve "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-5722"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-20",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-83683"
},
{
"db": "NVD",
"id": "CVE-2015-5722"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.0,
"url": "https://kb.isc.org/article/aa-01287"
},
{
"trust": 1.5,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"trust": 1.5,
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"trust": 1.5,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1705.html"
},
{
"trust": 1.5,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1706.html"
},
{
"trust": 1.5,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1707.html"
},
{
"trust": 1.3,
"url": "http://www.securityfocus.com/bid/76605"
},
{
"trust": 1.3,
"url": "https://security.gentoo.org/glsa/201510-01"
},
{
"trust": 1.3,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0078.html"
},
{
"trust": 1.3,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0079.html"
},
{
"trust": 1.2,
"url": "http://lists.apple.com/archives/security-announce/2015/oct/msg00009.html"
},
{
"trust": 1.2,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04891218"
},
{
"trust": 1.2,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04923105"
},
{
"trust": 1.2,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04952480"
},
{
"trust": 1.2,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05095918"
},
{
"trust": 1.2,
"url": "https://kb.isc.org/article/aa-01305"
},
{
"trust": 1.2,
"url": "https://kb.isc.org/article/aa-01306"
},
{
"trust": 1.2,
"url": "https://kb.isc.org/article/aa-01307"
},
{
"trust": 1.2,
"url": "https://kb.isc.org/article/aa-01438"
},
{
"trust": 1.2,
"url": "https://security.netapp.com/advisory/ntap-20190730-0001/"
},
{
"trust": 1.2,
"url": "https://support.apple.com/ht205376"
},
{
"trust": 1.2,
"url": "http://www.debian.org/security/2015/dsa-3350"
},
{
"trust": 1.2,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-september/165810.html"
},
{
"trust": 1.2,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-september/167465.html"
},
{
"trust": 1.2,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-september/165996.html"
},
{
"trust": 1.2,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-october/168686.html"
},
{
"trust": 1.2,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-september/165750.html"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1033452"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00005.html"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00006.html"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00012.html"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00033.html"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00020.html"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00002.html"
},
{
"trust": 1.2,
"url": "http://www.ubuntu.com/usn/usn-2728-1"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=144294073801304\u0026w=2"
},
{
"trust": 1.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10134"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5722"
},
{
"trust": 0.4,
"url": "https://kb.isc.org/article/aa-01287/0"
},
{
"trust": 0.3,
"url": "http://www.isc.org/products/bind/"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04952480"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04800156"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04891218"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21964962"
},
{
"trust": 0.3,
"url": "https://www.us-cert.gov/ncas/current-activity/2015/09/16/internet-systems-consortium-isc-releases-security-updates-bind"
},
{
"trust": 0.3,
"url": "https://www.alienvault.com/forums/discussion/6075/security-advisory-alienvault-v5-2-addresses-55-vulnerabilities"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020931"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966398"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966952"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21968047"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21968076"
},
{
"trust": 0.3,
"url": "https://aix.software.ibm.com/aix/efixes/security/bind_advisory9.asc"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8000"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5477"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5986"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-5477"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-5722"
},
{
"trust": 0.2,
"url": "https://kb.isc.org/article/aa-01317"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-8000"
},
{
"trust": 0.2,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.2,
"url": "https://kb.isc.org/article/aa-01272"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026amp;id=sb10134"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=144294073801304\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/./dsa-3350"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2728-1/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-5986"
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "https://kb.isc.org/article/aa-01291/0"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-5722"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_n"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.1,
"url": "https://h20392.www2.hp.com/portal/swdepot/displayproductinfo.do?productnu"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8500"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-8500"
},
{
"trust": 0.1,
"url": "https://kb.isc.org/article/aa-01216"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4620"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1349"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5986"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4620"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5722"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5477"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1349"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-83683"
},
{
"db": "VULMON",
"id": "CVE-2015-5722"
},
{
"db": "BID",
"id": "76605"
},
{
"db": "PACKETSTORM",
"id": "133411"
},
{
"db": "PACKETSTORM",
"id": "133410"
},
{
"db": "PACKETSTORM",
"id": "134864"
},
{
"db": "PACKETSTORM",
"id": "135473"
},
{
"db": "PACKETSTORM",
"id": "135472"
},
{
"db": "PACKETSTORM",
"id": "134008"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-057"
},
{
"db": "NVD",
"id": "CVE-2015-5722"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULHUB",
"id": "VHN-83683",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2015-5722",
"ident": null
},
{
"db": "BID",
"id": "76605",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "133411",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "133410",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "134864",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "135473",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "135472",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "134008",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201509-057",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2015-5722",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2015-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-83683",
"ident": null
},
{
"date": "2015-09-05T00:00:00",
"db": "VULMON",
"id": "CVE-2015-5722",
"ident": null
},
{
"date": "2015-09-02T00:00:00",
"db": "BID",
"id": "76605",
"ident": null
},
{
"date": "2015-09-03T22:26:39",
"db": "PACKETSTORM",
"id": "133411",
"ident": null
},
{
"date": "2015-09-03T22:26:33",
"db": "PACKETSTORM",
"id": "133410",
"ident": null
},
{
"date": "2015-12-16T20:22:00",
"db": "PACKETSTORM",
"id": "134864",
"ident": null
},
{
"date": "2016-01-28T17:19:00",
"db": "PACKETSTORM",
"id": "135473",
"ident": null
},
{
"date": "2016-01-28T17:18:54",
"db": "PACKETSTORM",
"id": "135472",
"ident": null
},
{
"date": "2015-10-18T21:06:41",
"db": "PACKETSTORM",
"id": "134008",
"ident": null
},
{
"date": "2015-09-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201509-057",
"ident": null
},
{
"date": "2015-09-05T02:59:03.307000",
"db": "NVD",
"id": "CVE-2015-5722",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2016-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-83683",
"ident": null
},
{
"date": "2016-12-31T00:00:00",
"db": "VULMON",
"id": "CVE-2015-5722",
"ident": null
},
{
"date": "2016-07-29T17:00:00",
"db": "BID",
"id": "76605",
"ident": null
},
{
"date": "2015-09-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201509-057",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-5722",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "135473"
},
{
"db": "PACKETSTORM",
"id": "135472"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-057"
}
],
"trust": 0.8
},
"title": {
"_id": null,
"data": "ISC BIND named Input validation vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201509-057"
}
],
"trust": 0.6
},
"type": {
"_id": null,
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201509-057"
}
],
"trust": 0.6
}
}
VAR-201404-0008
Vulnerability from variot - Updated: 2026-04-10 22:27Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL connection in a multithreaded environment. OpenSSL is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue to cause denial-of-service condition. Due to the nature of this issue, arbitrary code execution may be possible; however, this has not been confirmed. ============================================================================ Ubuntu Security Notice USN-2192-1 May 05, 2014
openssl vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
- Ubuntu 13.10
- Ubuntu 12.10
- Ubuntu 12.04 LTS
Summary:
OpenSSL could be made to crash if it received specially crafted network traffic. (CVE-2010-5298)
It was discovered that OpenSSL incorrectly handled memory in the do_ssl3_write() function. (CVE-2014-0198)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 LTS: libssl1.0.0 1.0.1f-1ubuntu2.1
Ubuntu 13.10: libssl1.0.0 1.0.1e-3ubuntu1.3
Ubuntu 12.10: libssl1.0.0 1.0.1c-3ubuntu2.8
Ubuntu 12.04 LTS: libssl1.0.0 1.0.1-4ubuntu5.13
After a standard system update you need to reboot your computer to make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: openssl security update Advisory ID: RHSA-2014:0679-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-0679.html Issue date: 2014-06-10 CVE Names: CVE-2010-5298 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 =====================================================================
- Summary:
Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 7.
The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
- Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.
It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server. (CVE-2014-0224)
Note: In order to exploit this flaw, both the server and the client must be using a vulnerable version of OpenSSL; the server must be using OpenSSL version 1.0.1 and above, and the client must be using any version of OpenSSL. For more information about this flaw, refer to: https://access.redhat.com/site/articles/904433
A buffer overflow flaw was found in the way OpenSSL handled invalid DTLS packet fragments. A remote attacker could possibly use this flaw to execute arbitrary code on a DTLS client or server. (CVE-2014-0195)
Multiple flaws were found in the way OpenSSL handled read and write buffers when the SSL_MODE_RELEASE_BUFFERS mode was enabled. A TLS/SSL client or server using OpenSSL could crash or unexpectedly drop connections when processing certain SSL traffic. (CVE-2010-5298, CVE-2014-0198)
A denial of service flaw was found in the way OpenSSL handled certain DTLS ServerHello requests. A specially crafted DTLS handshake packet could cause a DTLS client using OpenSSL to crash. (CVE-2014-0221)
A NULL pointer dereference flaw was found in the way OpenSSL performed anonymous Elliptic Curve Diffie Hellman (ECDH) key exchange. A specially crafted handshake packet could cause a TLS/SSL client that has the anonymous ECDH cipher suite enabled to crash. (CVE-2014-3470)
Red Hat would like to thank the OpenSSL project for reporting these issues. Upstream acknowledges KIKUCHI Masashi of Lepidum as the original reporter of CVE-2014-0224, Jüri Aedla as the original reporter of CVE-2014-0195, Imre Rad of Search-Lab as the original reporter of CVE-2014-0221, and Felix Gröbert and Ivan Fratrić of Google as the original reporters of CVE-2014-3470.
All OpenSSL users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1087195 - CVE-2010-5298 openssl: freelist misuse causing a possible use-after-free 1093837 - CVE-2014-0198 openssl: SSL_MODE_RELEASE_BUFFERS NULL pointer dereference in do_ssl3_write() 1103586 - CVE-2014-0224 openssl: SSL/TLS MITM vulnerability 1103593 - CVE-2014-0221 openssl: DoS when sending invalid DTLS handshake 1103598 - CVE-2014-0195 openssl: Buffer overflow via DTLS invalid fragment 1103600 - CVE-2014-3470 openssl: client-side denial of service when using anonymous ECDH
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source: openssl-1.0.1e-34.el7_0.3.src.rpm
x86_64: openssl-1.0.1e-34.el7_0.3.x86_64.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm openssl-libs-1.0.1e-34.el7_0.3.i686.rpm openssl-libs-1.0.1e-34.el7_0.3.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm openssl-devel-1.0.1e-34.el7_0.3.i686.rpm openssl-devel-1.0.1e-34.el7_0.3.x86_64.rpm openssl-perl-1.0.1e-34.el7_0.3.x86_64.rpm openssl-static-1.0.1e-34.el7_0.3.i686.rpm openssl-static-1.0.1e-34.el7_0.3.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: openssl-1.0.1e-34.el7_0.3.src.rpm
x86_64: openssl-1.0.1e-34.el7_0.3.x86_64.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm openssl-libs-1.0.1e-34.el7_0.3.i686.rpm openssl-libs-1.0.1e-34.el7_0.3.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm openssl-devel-1.0.1e-34.el7_0.3.i686.rpm openssl-devel-1.0.1e-34.el7_0.3.x86_64.rpm openssl-perl-1.0.1e-34.el7_0.3.x86_64.rpm openssl-static-1.0.1e-34.el7_0.3.i686.rpm openssl-static-1.0.1e-34.el7_0.3.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: openssl-1.0.1e-34.el7_0.3.src.rpm
ppc64: openssl-1.0.1e-34.el7_0.3.ppc64.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.ppc.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.ppc64.rpm openssl-devel-1.0.1e-34.el7_0.3.ppc.rpm openssl-devel-1.0.1e-34.el7_0.3.ppc64.rpm openssl-libs-1.0.1e-34.el7_0.3.ppc.rpm openssl-libs-1.0.1e-34.el7_0.3.ppc64.rpm
s390x: openssl-1.0.1e-34.el7_0.3.s390x.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.s390.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.s390x.rpm openssl-devel-1.0.1e-34.el7_0.3.s390.rpm openssl-devel-1.0.1e-34.el7_0.3.s390x.rpm openssl-libs-1.0.1e-34.el7_0.3.s390.rpm openssl-libs-1.0.1e-34.el7_0.3.s390x.rpm
x86_64: openssl-1.0.1e-34.el7_0.3.x86_64.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm openssl-devel-1.0.1e-34.el7_0.3.i686.rpm openssl-devel-1.0.1e-34.el7_0.3.x86_64.rpm openssl-libs-1.0.1e-34.el7_0.3.i686.rpm openssl-libs-1.0.1e-34.el7_0.3.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: openssl-debuginfo-1.0.1e-34.el7_0.3.ppc.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.ppc64.rpm openssl-perl-1.0.1e-34.el7_0.3.ppc64.rpm openssl-static-1.0.1e-34.el7_0.3.ppc.rpm openssl-static-1.0.1e-34.el7_0.3.ppc64.rpm
s390x: openssl-debuginfo-1.0.1e-34.el7_0.3.s390.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.s390x.rpm openssl-perl-1.0.1e-34.el7_0.3.s390x.rpm openssl-static-1.0.1e-34.el7_0.3.s390.rpm openssl-static-1.0.1e-34.el7_0.3.s390x.rpm
x86_64: openssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm openssl-perl-1.0.1e-34.el7_0.3.x86_64.rpm openssl-static-1.0.1e-34.el7_0.3.i686.rpm openssl-static-1.0.1e-34.el7_0.3.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: openssl-1.0.1e-34.el7_0.3.src.rpm
x86_64: openssl-1.0.1e-34.el7_0.3.x86_64.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm openssl-devel-1.0.1e-34.el7_0.3.i686.rpm openssl-devel-1.0.1e-34.el7_0.3.x86_64.rpm openssl-libs-1.0.1e-34.el7_0.3.i686.rpm openssl-libs-1.0.1e-34.el7_0.3.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm openssl-perl-1.0.1e-34.el7_0.3.x86_64.rpm openssl-static-1.0.1e-34.el7_0.3.i686.rpm openssl-static-1.0.1e-34.el7_0.3.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2010-5298.html https://www.redhat.com/security/data/cve/CVE-2014-0195.html https://www.redhat.com/security/data/cve/CVE-2014-0198.html https://www.redhat.com/security/data/cve/CVE-2014-0221.html https://www.redhat.com/security/data/cve/CVE-2014-0224.html https://www.redhat.com/security/data/cve/CVE-2014-3470.html https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/site/articles/904433 https://access.redhat.com/site/solutions/905793
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFTl161XlSAg2UNWIIRAiJlAKCiztPWPTBaVbDSJK/cEtvknFYpTACgur3t GHJznx5GNeKZ00848jTZ9hw= =48eV -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce.
The attack can only be performed between a vulnerable client and server.
Thanks to KIKUCHI Masashi (Lepidum Co. Ltd.) for discovering and researching this issue. This issue was reported to OpenSSL on 1st May 2014 via JPCERT/CC.
The fix was developed by Stephen Henson of the OpenSSL core team partly based on an original patch from KIKUCHI Masashi.
DTLS recursion flaw (CVE-2014-0221)
By sending an invalid DTLS handshake to an OpenSSL DTLS client the code can be made to recurse eventually crashing in a DoS attack.
OpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h.
Thanks to Imre Rad (Search-Lab Ltd.) for discovering this issue. This issue was reported to OpenSSL on 9th May 2014.
The fix was developed by Stephen Henson of the OpenSSL core team.
OpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h.
Thanks to Jüri Aedla for reporting this issue. This issue was reported to OpenSSL on 23rd April 2014 via HP ZDI.
The fix was developed by Stephen Henson of the OpenSSL core team. This flaw only affects OpenSSL 1.0.0 and 1.0.1 where SSL_MODE_RELEASE_BUFFERS is enabled, which is not the default and not common.
OpenSSL 1.0.0 users should upgrade to 1.0.0m. OpenSSL 1.0.1 users should upgrade to 1.0.1h.
This issue was reported in public. The fix was developed by Matt Caswell of the OpenSSL development team. This flaw only affects multithreaded applications using OpenSSL 1.0.0 and 1.0.1, where SSL_MODE_RELEASE_BUFFERS is enabled, which is not the default and not common.
OpenSSL 1.0.0 users should upgrade to 1.0.0m. OpenSSL 1.0.1 users should upgrade to 1.0.1h.
This issue was reported in public.
OpenSSL 0.9.8 users should upgrade to 0.9.8za OpenSSL 1.0.0 users should upgrade to 1.0.0m. OpenSSL 1.0.1 users should upgrade to 1.0.1h.
Thanks to Felix Gröbert and Ivan Fratrić at Google for discovering this issue. This issue was reported to OpenSSL on 28th May 2014.
The fix was developed by Stephen Henson of the OpenSSL core team.
Other issues
OpenSSL 1.0.0m and OpenSSL 0.9.8za also contain a fix for CVE-2014-0076: Fix for the attack described in the paper "Recovering OpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack" Reported by Yuval Yarom and Naomi Benger. This issue was previously fixed in OpenSSL 1.0.1g.
References
URL for this Security Advisory: http://www.openssl.org/news/secadv_20140605.txt
Note: the online version of the advisory may be updated with additional details over time. The following Common Vulnerabilities and Exposures project ids identify them:
CVE-2010-5298
A read buffer can be freed even when it still contains data that is
used later on, leading to a use-after-free.
CVE-2014-0076
ECDSA nonces can be recovered through the Yarom/Benger FLUSH+RELOAD
cache side-channel attack.
A third issue, with no CVE id, is the missing detection of the "critical" flag for the TSA extended key usage under certain cases.
Additionally, this update checks for more services that might need to be restarted after upgrades of libssl, corrects the detection of apache2 and postgresql, and adds support for the 'libraries/restart-without-asking' debconf configuration. This allows services to be restarted on upgrade without prompting.
The oldstable distribution (squeeze) is not affected by CVE-2010-5298 and it might be updated at a later time to address the remaining vulnerabilities.
For the testing distribution (jessie), these problems will be fixed soon.
The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack (CVE-2014-0076).
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug (CVE-2014-0160).
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the CCS Injection vulnerability (CVE-2014-0224).
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the POODLE issue (CVE-2014-3566).
The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the square of a BIGNUM value, which might make it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors, related to crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c, and crypto/bn/bn_asm.c (CVE-2014-3570).
The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message (CVE-2014-3572).
OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not enforce certain constraints on certificate data, which allows remote attackers to defeat a fingerprint-based certificate-blacklist protection mechanism by including crafted data within a certificate's unsigned portion, related to crypto/asn1/a_verify.c, crypto/dsa/dsa_asn1.c, crypto/ecdsa/ecs_vrf.c, and crypto/x509/x_all.c (CVE-2014-8275).
The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role, related to the FREAK issue. NOTE: the scope of this CVE is only client code based on OpenSSL, not EXPORT_RSA issues associated with servers or other TLS implementations (CVE-2015-0204).
The ssl3_get_cert_verify function in s3_srvr.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k accepts client authentication with a Diffie-Hellman (DH) certificate without requiring a CertificateVerify message, which allows remote attackers to obtain access without knowledge of a private key via crafted TLS Handshake Protocol traffic to a server that recognizes a Certification Authority with DH support (CVE-2015-0205).
The updated packages have been upgraded to the 1.0.1m version where these security flaws has been fixed.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0286 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0287 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0289 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0293 http://openssl.org/news/secadv_20150108.txt http://openssl.org/news/secadv_20150319.txt
Updated Packages:
Mandriva Business Server 2/X86_64: 324a85f7e1165ab02881e44dbddaf599 mbs2/x86_64/lib64openssl1.0.0-1.0.1m-1.mbs2.x86_64.rpm 9c0bfb6ebd43cb6d81872abf71b4f85f mbs2/x86_64/lib64openssl-devel-1.0.1m-1.mbs2.x86_64.rpm 58df54e72ca7270210c7d8dd23df402b mbs2/x86_64/lib64openssl-engines1.0.0-1.0.1m-1.mbs2.x86_64.rpm b5313ffb5baaa65aea05eb05486d309a mbs2/x86_64/lib64openssl-static-devel-1.0.1m-1.mbs2.x86_64.rpm a9890ce4c33630cb9e00f3b2910dd784 mbs2/x86_64/openssl-1.0.1m-1.mbs2.x86_64.rpm 521297a5fe26e2de0c1222d8d03382d1 mbs2/SRPMS/openssl-1.0.1m-1.mbs2.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/en/support/security/advisories/
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux)
iD8DBQFVFTm1mqjQ0CJFipgRAoYFAKCaubn00colzVNnUBFjSElyDptGMQCfaGoS kz0ex6eI6hA6qSwklA2NoXY= =GYjX -----END PGP SIGNATURE----- .
Details: Unisphere Central requires an update to address various security vulnerabilities:
- Unvalidated Redirect Vulnerability (CVE-2015-0512)
A potential vulnerability in Unisphere Central may allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks. The attacker can specify the location of the arbitrary site in the unvalidated parameter of a crafted URL. If this URL is accessed, the browser is redirected to the arbitrary site specified in the parameter.
CVSSv2 Base Score: 5.8 (AV:N/AC:M/Au:N/C:P/I:P/A:N)
- Multiple Embedded Component Vulnerabilities
The following vulnerabilities affecting multiple embedded components were addressed:
\x95 PostgreSQL (CVE-2013-1899, CVE-2013-1900, CVE-2013-1901, CVE-2013-1902) \x95 Apache Tomcat HTTP Digest Access Bypass (CVE-2012-5885) \x95 SSL3.0/TLS1.0 Weak CBC Mode Vulnerability (CVE-2011-3389) \x95 SUSE Kernel Updates (CVE-2013-1767, CVE-2012-2137, CVE-2012-6548, CVE-2013-1797, CVE-2013-0231,CVE-2013-1774, CVE-2013-1848, CVE-2013-0311, CVE-2013-2634, CVE-2013-0268, CVE-2013-0913, CVE-2013-1772, CVE-2013-0216, CVE-2013-1792, CVE-2012-6549, CVE-2013-2635, CVE-2013-0914, CVE-2013-1796, CVE-2013-0160, CVE-2013-1860, CVE-2013-0349, CVE-2013-1798) \x95 Libgcrypt (CVE-2013-4242) \x95 cURL/libcURL Multiple Vulnerabilities (CVE-2014-0138, CVE-2014-0139, CVE-2014-0015, CVE-2014-3613, CVE-2014-3620) \x95 OpenSSL Multiple Vulnerabilities (CVE-2010-5298, CVE-2014-0076, CVE-2014-0195, CVE-2014-0198, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470, CVE-2014-3506, CVE-2014-3507, CVE-2014-3508, CVE-2014-3509, CVE-2014-3510, CVE-2014-3511, CVE-2014-3512, CVE-2014-5139, CVE-2014-3513, CVE-2014-3567, CVE-2014-3568, CVE-2014-3566) \x95 GNU Privacy Guard (GPG2) Update (CVE-2012-6085) \x95 Java Runtime Environment (CVE-2014-2403, CVE-2014-0446, CVE-2014-0457, CVE-2014-0453, CVE-2014-2412, CVE-2014-2398, CVE-2014-0458, CVE-2014-2397, CVE-2014-0460, CVE-2014-0429, CVE-2014-2428, CVE-2014-2423, CVE-2014-2420, CVE-2014-0448, CVE-2014-0459, CVE-2014-2427, CVE-2014-2414, CVE-2014-0461, CVE-2014-0454, CVE-2014-2422, CVE-2014-0464, CVE-2014-2401, CVE-2014-0456, CVE-2014-0455, CVE-2014-0451, CVE-2014-0449, CVE-2014-0432, CVE-2014-0463, CVE-2014-2410, CVE-2014-2413, CVE-2014-2421, CVE-2014-2409, CVE-2014-2402, CVE-2014-0452, CVE-2014-4220, CVE-2014-2490, CVE-2014-4266, CVE-2014-4219, CVE-2014-2483, CVE-2014-4263, CVE-2014-4264, CVE-2014-4268, CVE-2014-4252, CVE-2014-4223, CVE-2014-4247, CVE-2014-4218, CVE-2014-4221, CVE-2014-4262, CVE-2014-4227, CVE-2014-4208, CVE-2014-4209, CVE-2014-4265, CVE-2014-4244, CVE-2014-4216) \x95 OpenSSH Denial of Service (CVE-2010-5107) \x95 Network Security Services (NSS) Update (CVE-2014-1545, CVE-2014-1541, CVE-2014-1534, CVE-2014-1533, CVE-2014-1536, CVE-2014-1537, CVE-2014-1538) \x95 Xorg-X11 Update (CVE-2013-2005, CVE-2013-2002) \x95 GnuTLS SSL Verification Vulnerability (CVE-2014-0092) \x95 Pango Security Update (CVE-2011-0020, CVE-2011-0064) \x95 D-Bus Denial of Service (CVE-2014-3638,CVE-2014-3639) \x95 Perl Denial of Service (CVE-2014-4330) CVSSv2 Base Score: Refer to NVD (http://nvd.nist.gov) for individual scores for each CVE listed above
For more information about any of the Common Vulnerabilities and Exposures (CVEs) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfm. To search for a particular CVE, use the NVD database\x92s search utility at http://web.nvd.nist.gov/view/vuln/search
Resolution: The following Unisphere Central release contains resolutions to the above issues: \x95 Unisphere Central version 4.0.
EMC strongly recommends all customers upgrade at the earliest opportunity. Contact EMC Unisphere Central customer support to download the required upgrades.
Link to remedies: Registered EMC Online Support customers can download patches and software from support.emc.com at: https://support.emc.com/products/28224_Unisphere-Central
If you have any questions, please contact EMC Support.
Read and use the information in this EMC Security Advisory to assist in avoiding any situation that might arise from the problems described herein. If you have any questions regarding this product alert, contact EMC Software Technical Support at 1-877-534-2867.
For an explanation of Severity Ratings, refer to EMC Knowledgebase solution emc218831. EMC recommends all customers take into account both the base score and any relevant temporal and environmental scores which may impact the potential severity associated with particular security vulnerability. EMC Corporation distributes EMC Security Advisories, in order to bring to the attention of users of the affected EMC products, important security information. EMC recommends that all users determine the applicability of this information to their individual situations and take appropriate action. EMC disclaims all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages, so the foregoing limitation may not apply.
Release Date: 2014-08-08 Last Updated: 2014-08-08
Potential Security Impact: Remote denial of service (DoS), code execution, unauthorized access, disclosure of information
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP System Management Homepage (SMH), HP Smart Update Manager (SUM), and HP Version Control Agent (VCA) running on Linux and Windows. These components of HP Insight Control server deployment could be exploited remotely resulting in denial of service (DoS), code execution, unauthorized access, or disclosure of information.
HP Insight Control server deployment packages HP System Management Homepage (SMH) and HP Version Control Agent (VCA), and HP Smart Update Manager (SUM) and deploys them through the following components. This bulletin provides the information needed to update the HP Insight Control server deployment solution.
Install HP Management Agents for Windows x86/x64 Install HP Management Agents for RHEL 5 x64 Install HP Management Agents for RHEL 6 x64 Install HP Management Agents for SLES 10 x64 Install HP Management Agents for SLES 11 x64 Upgrade Proliant Firmware
References:
CVE-2010-5298 Remote Denial of Service CVE-2014-0076 Unauthorized Disclosure of Information CVE-2014-0195 Remote Unauthorized Access CVE-2014-0198 Remote Denial of Service CVE-2014-0221 Remote Denial of Service (DoS) CVE-2014-0224 Remote Unauthorized Access or Disclosure of Information CVE-2014-3470 Remote Code Execution or Unauthorized Access SSRT101628
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP Insight Control server deployment v7.1.2, v7.2.0, v7.2.1, v7.2.2, v7.3.1
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2010-5298 (AV:N/AC:H/Au:N/C:N/I:P/A:P) 4.0 CVE-2014-0076 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2014-0195 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2014-0198 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2014-0221 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2014-0224 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2014-3470 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following updates to v7.3.1 of HP Insight Control server deployment to resolve this vulnerability. HP has provided manual update steps if a version upgrade is not possible; if users wish to remain at v7.1.2, v7.2.0, or v7.2.1.
Note: It is important to check your current running version of HP Insight Control server deployment and to follow the correct steps listed below. For HP Insight Control server deployment v7.2.2, users must upgrade to v7.3.1 and follow the steps below to remove the vulnerability. The vulnerability known as Heartbleed (CVE-2014-0160) was fixed in HP Insight Control server deployment v7.3.1. That Security Bulletin with instructions on how to upgrade to v7.3.1 can be found here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_n a-c04267749
HP Insight Control server deployment users of v7.1.2, v7.2.0, v7.2.1 should take the following steps to remove this vulnerability.
Delete the files smhamd64-.exe/smhx86-.exe" from Component Copy Location listed in the following table, rows 1 and 2. Delete the files "vcax86-.exe/vcaamd64-.exe from Component Copy Location listed in the following table, rows 3 and 4. Delete the files hpsmh-7.*.rpm" from Component Copy Location listed in row 5. In sequence, perform the steps from left to right in the following table. First, download components from Download Link; Second, rename the component as suggested in Rename to. Third, copy the component to the location specified in Component Copy Location. Table Row Number Download Link Rename to Component Copy Location
1 http://www.hp.com/swpublishing/MTX-e8076c2a35804685ad65b2b1ba smhamd64-ccp023716.exe \express\hpfeatures\hpagents-ws\components\Win2008
2 http://www.hp.com/swpublishing/MTX-3395d737d98f42149125b9bb05 smhx86-cp023715.exe \express\hpfeatures\hpagents-ws\components\Win2008
3 http://www.hp.com/swpublishing/MTX-8aefeaf490284a7691eca97d13 vcax86-cp023742.exe \express\hpfeatures\hpagents-ws\components\Win2008
4 http://www.hp.com/swpublishing/MTX-c0d32bac154a4d93839d8cd1f2 vcaamd64-cp023743.exe \express\hpfeatures\hpagents-ws\components\Win2008
5 http://www.hp.com/swpublishing/MTX-bd9a1cf60e344c549c4888db93 Do not rename the downloaded component for this step. \express\hpfeatures\hpagents-sles11-x64\components \express\hpfeatures\hpagents-sles10-x64\components \express\hpfeatures\hpagents-rhel5-x64\components \express\hpfeatures\hpagents-rhel6-x64\components
Download and extract the HPSUM 5.3.6 component from ftp://ftp.hp.com/pub/softlib2/software1/pubsw-windows/p750586112/v99793
Copy all content from extracted ZIP folder and paste into \eXpress\hpfeatures\fw-proLiant\components Initiate Install HP Management Agents for SLES 11 x64 on targets running SLES11 x64. Initiate Install HP Management Agents for SLES 10 x64 on targets running SLES10 x64. Initiate Install HP Management Agents for RHEL 6 x64 on targets running RHEL 6 x64. Initiate Install HP Management Agents for RHEL 5 x64 on targets running RHEL 5 x64. Initiate Install HP Management Agents for Windows x86/x64 on targets running Windows.
HP Insight Control server deployment users with v7.2.2:
Please upgrade to Insight Control server deployment v7.3.1 and follow the steps below for v7.3.1.
HP Insight Control server deployment users with v7.3.1:
Perform steps 1 - 4 as outlined above for users with HP Insight Control server deployment v7.1.2, v7.2.0, and v7.2.1. Download the HP SUM ZIP file from http://www.hp.com/swpublishing/MTX-f6c141a7feeb4a358bbb28300f
Extract the contents from the HP SUM ZIP file to \eXpress\hpfeatures\fw-proLiant\components location on the Insight Control server deployment server
Related security bulletins:
For System Management Homepage please see Security bulletin HPSBMU03051 https ://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c04 345210
For HP Version Control Agent please see Security bulletin HPSBMU03057 https:/ /h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c0434 9897
HISTORY Version:1 (rev.1) - 8 August 2014 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2014 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/openssl-1.0.1h-i486-1_slack14.1.txz: Upgraded. Multiple security issues have been corrected, including a possible man-in-the-middle attack where weak keying material is forced, denial of service, and the execution of arbitrary code. +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated packages for Slackware 13.0: ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-0.9.8za-i486-1_slack13.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-solibs-0.9.8za-i486-1_slack13.0.txz
Updated packages for Slackware x86_64 13.0: ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-0.9.8za-x86_64-1_slack13.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-solibs-0.9.8za-x86_64-1_slack13.0.txz
Updated packages for Slackware 13.1: ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-0.9.8za-i486-1_slack13.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-solibs-0.9.8za-i486-1_slack13.1.txz
Updated packages for Slackware x86_64 13.1: ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-0.9.8za-x86_64-1_slack13.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-solibs-0.9.8za-x86_64-1_slack13.1.txz
Updated packages for Slackware 13.37: ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-0.9.8za-i486-1_slack13.37.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-solibs-0.9.8za-i486-1_slack13.37.txz
Updated packages for Slackware x86_64 13.37: ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-0.9.8za-x86_64-1_slack13.37.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-solibs-0.9.8za-x86_64-1_slack13.37.txz
Updated packages for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1h-i486-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1h-i486-1_slack14.0.txz
Updated packages for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1h-x86_64-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1h-x86_64-1_slack14.0.txz
Updated packages for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1h-i486-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1h-i486-1_slack14.1.txz
Updated packages for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1h-x86_64-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1h-x86_64-1_slack14.1.txz
Updated packages for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.1h-i486-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.1h-i486-1.txz
Updated packages for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.1h-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.1h-x86_64-1.txz
MD5 signatures: +-------------+
Slackware 13.0 packages: 634b8ecc8abc6d3f249b73d0fefa5959 openssl-0.9.8za-i486-1_slack13.0.txz a2529f1243d42a3608f61b96236b5f60 openssl-solibs-0.9.8za-i486-1_slack13.0.txz
Slackware x86_64 13.0 packages: 2ddac651c5f2531f3a7f70d9f5823bd6 openssl-0.9.8za-x86_64-1_slack13.0.txz d7ffeb15713a587f642fbb3d5c310c75 openssl-solibs-0.9.8za-x86_64-1_slack13.0.txz
Slackware 13.1 packages: 0b84a6a1edf76cba83d4c52c54196baa openssl-0.9.8za-i486-1_slack13.1.txz dfd5d241b0e1703ae9d70d6ccda06179 openssl-solibs-0.9.8za-i486-1_slack13.1.txz
Slackware x86_64 13.1 packages: bd749622577a5f76a59d90b95aa922fd openssl-0.9.8za-x86_64-1_slack13.1.txz 35cf911dd9f0cc13f7f0056d9e1f4520 openssl-solibs-0.9.8za-x86_64-1_slack13.1.txz
Slackware 13.37 packages: 8f674defac9002c81265d284b1072f75 openssl-0.9.8za-i486-1_slack13.37.txz 48ce79e7714cb0c823d2b6ea4a88ba51 openssl-solibs-0.9.8za-i486-1_slack13.37.txz
Slackware x86_64 13.37 packages: efa09162c22782c15806bca99472c5be openssl-0.9.8za-x86_64-1_slack13.37.txz 8e3b8d1e3d3a740bd274fbe38dc10f96 openssl-solibs-0.9.8za-x86_64-1_slack13.37.txz
Slackware 14.0 packages: 8e2698d19f54c7e0cac8f998df23b782 openssl-1.0.1h-i486-1_slack14.0.txz cf6233bc169cf6dd192bb7210f779fc1 openssl-solibs-1.0.1h-i486-1_slack14.0.txz
Slackware x86_64 14.0 packages: 2b4f0610d5e46fa7bb27a0b39f0d6d33 openssl-1.0.1h-x86_64-1_slack14.0.txz 18fdd83dcf86204275508a689a017dea openssl-solibs-1.0.1h-x86_64-1_slack14.0.txz
Slackware 14.1 packages: 49aea7da42eef41da894f29762971863 openssl-1.0.1h-i486-1_slack14.1.txz 6f19f4fdc3f018b4e821c519d7bb1e5c openssl-solibs-1.0.1h-i486-1_slack14.1.txz
Slackware x86_64 14.1 packages: ccf5ff2b107c665a4f3bf98176937749 openssl-1.0.1h-x86_64-1_slack14.1.txz ea1aaba38c98b096186ca94ca541a793 openssl-solibs-1.0.1h-x86_64-1_slack14.1.txz
Slackware -current packages: db1ed7ded71ab503f567940fff39eb16 a/openssl-solibs-1.0.1h-i486-1.txz 0db4f91f9b568b2b2629950e5ab88b22 n/openssl-1.0.1h-i486-1.txz
Slackware x86_64 -current packages: d01aef33335bee27f36574241f54091f a/openssl-solibs-1.0.1h-x86_64-1.txz 95a743d21c58f39573845d6ec5270656 n/openssl-1.0.1h-x86_64-1.txz
Installation instructions: +------------------------+
Upgrade the packages as root:
upgradepkg openssl-1.0.1h-i486-1_slack14.1.txz openssl-solibs-1.0.1h-i486-1_slack14.1.txz
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address.
HP Systems Insight Manager v7.3 Hotfix kit HP Systems Insight Manager v7.2 Hotfix kit (The HP Systems Insight Manager v7.2 Hotfix kit is currently unavailable, but will be released at a later date.
http://h18013.www1.hp.com/products/servers/management/hpsim/download.html
NOTE: No reboot of the system is required after applying the HP SIM Hotfix kit
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "openssl",
"scope": "lte",
"trust": 1.8,
"vendor": "openssl",
"version": "1.0.1g"
},
{
"_id": null,
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "2.3"
},
{
"_id": null,
"model": "linux enterprise workstation extension",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"_id": null,
"model": "mariadb",
"scope": "lt",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.0.13"
},
{
"_id": null,
"model": "mariadb",
"scope": "gte",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.0.0"
},
{
"_id": null,
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "19"
},
{
"_id": null,
"model": "linux enterprise software development kit",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"_id": null,
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "20"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"_id": null,
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"_id": null,
"model": "bladecenter advanced management module 3.66e",
"scope": null,
"trust": 0.9,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "api management",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "3.0 (ibm pureapplication system and xen)"
},
{
"_id": null,
"model": "api management",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "3.0 (vmware)"
},
{
"_id": null,
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "patient hub 10.0"
},
{
"_id": null,
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "provider hub 10.0"
},
{
"_id": null,
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "standard/advanced edition 11.0"
},
{
"_id": null,
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "standard/advanced edition 11.3"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "10.0"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "10.1"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "9.2"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "9.5"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "9.7"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "patient hub 9.5"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "patient hub 9.7"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "provider hub 9.5"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "provider hub 9.7"
},
{
"_id": null,
"model": "sdk,",
"scope": "lte",
"trust": 0.8,
"vendor": "ibm",
"version": "for node.js 1.1.0.3"
},
{
"_id": null,
"model": "security access manager for mobile the appliance",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "security access manager for web the appliance",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "security access manager for web the appliance",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "smartcloud orchestrator",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "2.3"
},
{
"_id": null,
"model": "smartcloud orchestrator",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "2.3 fp1"
},
{
"_id": null,
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "2.1 for ibm provided software virtual appliance"
},
{
"_id": null,
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "2.3 fp1"
},
{
"_id": null,
"model": "tivoli management framework",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "4.1.1 (linux-ix86 and linux-s390)"
},
{
"_id": null,
"model": "virtualization",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle secure global desktop 4.63"
},
{
"_id": null,
"model": "virtualization",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle secure global desktop 4.71"
},
{
"_id": null,
"model": "virtualization",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle secure global desktop 5.0"
},
{
"_id": null,
"model": "virtualization",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle secure global desktop 5.1"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "lt",
"trust": 0.8,
"vendor": "oracle",
"version": "3.2.24"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "lt",
"trust": 0.8,
"vendor": "oracle",
"version": "4.0.26"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "lt",
"trust": 0.8,
"vendor": "oracle",
"version": "4.1.34"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "lt",
"trust": 0.8,
"vendor": "oracle",
"version": "4.2.26"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "lt",
"trust": 0.8,
"vendor": "oracle",
"version": "4.3.14"
},
{
"_id": null,
"model": "l20/300",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "lto6 drive",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "lx/30a",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.0a",
"scope": null,
"trust": 0.6,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.1a"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.1b"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.1e"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.1c"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.1d"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.1f"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.1g"
},
{
"_id": null,
"model": "ssl vpn 8.0r4",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"_id": null,
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"_id": null,
"model": "security enterprise scanner",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"_id": null,
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.1"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.3"
},
{
"_id": null,
"model": "real-time compression appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.8.106"
},
{
"_id": null,
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3.1"
},
{
"_id": null,
"model": "spa232d multi-line dect ata",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "security access manager for web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "policy center v100r003c00spc305",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "solaris",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.20.5.0"
},
{
"_id": null,
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.9"
},
{
"_id": null,
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"_id": null,
"model": "junos d30",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x45"
},
{
"_id": null,
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"_id": null,
"model": "algo audit and compliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.2"
},
{
"_id": null,
"model": "project openssl 0.9.8f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "58200"
},
{
"_id": null,
"model": "documentum content server p06",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"_id": null,
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8800"
},
{
"_id": null,
"model": "proactive network operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "junos os 13.1r4-s3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "junos 12.1r8-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.0d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "prime network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6"
},
{
"_id": null,
"model": "project openssl 1.0.1e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"_id": null,
"model": "ip video phone e20",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"_id": null,
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "ios software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "junos 12.1x46-d25",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "ios xe software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.5"
},
{
"_id": null,
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "mate products",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.2"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.2.12"
},
{
"_id": null,
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32400"
},
{
"_id": null,
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.6.1"
},
{
"_id": null,
"model": "cp1543-1",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"_id": null,
"model": "computer telephony integration object server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"_id": null,
"model": "junos 12.1r",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "isoc v200r001c00spc202",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "3000"
},
{
"_id": null,
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "60000"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.9"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"_id": null,
"model": "small business isa500 series integrated security appliances",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "srg1200\u00262200\u00263200 v100r002c02hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx3002",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.2"
},
{
"_id": null,
"model": "ace application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1"
},
{
"_id": null,
"model": "junos 12.3r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413011.5"
},
{
"_id": null,
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"_id": null,
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3100v2-480"
},
{
"_id": null,
"model": "junos 13.3r3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "junos 11.4r11",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.28"
},
{
"_id": null,
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.470"
},
{
"_id": null,
"model": "systems insight manager 7.3.0a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"_id": null,
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"_id": null,
"model": "project openssl 1.0.0g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "56000"
},
{
"_id": null,
"model": "anyconnect secure mobility client for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1.3"
},
{
"_id": null,
"model": "uacos c4.4r11.1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "dsr-500n 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3"
},
{
"_id": null,
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"_id": null,
"model": "junos 12.1x44-d35",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "msr3000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "video surveillance series ip camera",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40000"
},
{
"_id": null,
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-iq device",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"_id": null,
"model": "idp 4.1r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.0"
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.0"
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "10.4"
},
{
"_id": null,
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.3"
},
{
"_id": null,
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.2"
},
{
"_id": null,
"model": "m220 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "7775"
},
{
"_id": null,
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "usg9500 usg9500 v300r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "s2750\u0026s5700\u0026s6700 v200r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "58300"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"_id": null,
"model": "spa510 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "espace u19** v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "content security management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "4800g switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.1"
},
{
"_id": null,
"model": "junos 12.1x44-d34",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "uma v200r001c00spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"_id": null,
"model": "idp 4.1r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.3"
},
{
"_id": null,
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.5"
},
{
"_id": null,
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"_id": null,
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"_id": null,
"model": "usg9500 v200r001c01sph902",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "vpn client v100r001c02spc702",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "secure analytics 2013.2r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "telepresence content server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "tandberg codian mse model",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83200"
},
{
"_id": null,
"model": "uma v200r001c00spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "api management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"_id": null,
"model": "oceanstor s6800t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "project openssl 0.9.8w",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "junos 12.1x47-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.4"
},
{
"_id": null,
"model": "oneview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.0"
},
{
"_id": null,
"model": "isoc v200r001c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "3000"
},
{
"_id": null,
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"_id": null,
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "119000"
},
{
"_id": null,
"model": "secure analytics 2014.2r3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"_id": null,
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"_id": null,
"model": "enterprise linux server eus 6.5.z",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.0"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.10"
},
{
"_id": null,
"model": "simatic wincc oa",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "3.12"
},
{
"_id": null,
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.1.2"
},
{
"_id": null,
"model": "junos 13.1r3-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "manageone v100r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1"
},
{
"_id": null,
"model": "eupp v100r001c10spc002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "rox",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "10"
},
{
"_id": null,
"model": "prime performance manager for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project openssl 1.0.1g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "5.0"
},
{
"_id": null,
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"_id": null,
"model": "clustered data ontap antivirus connector",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2"
},
{
"_id": null,
"model": "oneview",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "1.10"
},
{
"_id": null,
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "f1000a and s family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "s7700\u0026s9700 v200r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "rational application developer for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.6"
},
{
"_id": null,
"model": "prime access registrar appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "87100"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "u200a and m family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.10"
},
{
"_id": null,
"model": "flex system fc5022",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "sterling file gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"_id": null,
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "850/8700"
},
{
"_id": null,
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"_id": null,
"model": "junos 11.4r9",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.0"
},
{
"_id": null,
"model": "s3900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.6"
},
{
"_id": null,
"model": "ips",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"_id": null,
"model": "unified communications widgets click to call",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "agile controller v100r001c00spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "espace usm v100r001 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "softco v100r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "oceanstor s5500t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "7765"
},
{
"_id": null,
"model": "videoscape anyres live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "telepresence t series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"_id": null,
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5"
},
{
"_id": null,
"model": "junos d20",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x46"
},
{
"_id": null,
"model": "unified attendant console advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project openssl 1.0.0h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "mds switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "smart update manager for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.3.5"
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.3"
},
{
"_id": null,
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"_id": null,
"model": "proventia network security controller 1.0.3352m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "documentum content server p07",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"_id": null,
"model": "hsr6602 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.4"
},
{
"_id": null,
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.0"
},
{
"_id": null,
"model": "wag310g wireless-g adsl2+ gateway with voip",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"_id": null,
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"_id": null,
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6"
},
{
"_id": null,
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "telepresence tx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"_id": null,
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10000"
},
{
"_id": null,
"model": "security threat response manager",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2012.1"
},
{
"_id": null,
"model": "nexus switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "31640"
},
{
"_id": null,
"model": "jabber for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2.2"
},
{
"_id": null,
"model": "fastsetup",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.11"
},
{
"_id": null,
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "unified wireless ip phone series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "29200"
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.5"
},
{
"_id": null,
"model": "fusionsphere v100r003c10spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "msr93x family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "telepresence advanced media gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32100"
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.3"
},
{
"_id": null,
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.4"
},
{
"_id": null,
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1"
},
{
"_id": null,
"model": "smc2.0 v100r002c01b025sp07",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.0"
},
{
"_id": null,
"model": "s2700\u0026s3700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "project openssl 0.9.8r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "espace cc v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "wx5002/5004 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"_id": null,
"model": "ida pro",
"scope": "eq",
"trust": 0.3,
"vendor": "hex ray",
"version": "6.5"
},
{
"_id": null,
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.4.1"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-3"
},
{
"_id": null,
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"_id": null,
"model": "jabber for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"_id": null,
"model": "usg5000 v300r001c10sph201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "updatexpress system packs installer",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.61"
},
{
"_id": null,
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.4"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "junos 11.4r12",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.14"
},
{
"_id": null,
"model": "prime optical for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "10.0-release-p2",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "a6600 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"_id": null,
"model": "isoc v200r001c01",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "5000"
},
{
"_id": null,
"model": "si switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "51200"
},
{
"_id": null,
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"_id": null,
"model": "project openssl 0.9.8y",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.3"
},
{
"_id": null,
"model": "junos 12.1x44-d40",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "vsr1000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "project openssl beta4",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0"
},
{
"_id": null,
"model": "esight-ewl v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "junos 13.3r2-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"_id": null,
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.4"
},
{
"_id": null,
"model": "junos 12.1r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "10.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "hyperdp oceanstor n8500 v200r001c91",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "asg2000 v100r001c10sph001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.11"
},
{
"_id": null,
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"_id": null,
"model": "documentum content server",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"_id": null,
"model": "manageone v100r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "10.2"
},
{
"_id": null,
"model": "project openssl 1.0.0l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "smart call home",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "simatic wincc oa",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "3.8"
},
{
"_id": null,
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "project openssl beta5",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0"
},
{
"_id": null,
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.2"
},
{
"_id": null,
"model": "s7700\u0026s9700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.3"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.0"
},
{
"_id": null,
"model": "oic v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"_id": null,
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0"
},
{
"_id": null,
"model": "s6900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.3"
},
{
"_id": null,
"model": "spa300 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "junos",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "14.1"
},
{
"_id": null,
"model": "vsm v200r002c00spc503",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5"
},
{
"_id": null,
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.2"
},
{
"_id": null,
"model": "ecns610 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "ucs b-series servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.3"
},
{
"_id": null,
"model": "junos 12.3r7",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "project openssl 0.9.8p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "junos 13.2r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "junos r7",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.3"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "documentum content server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"_id": null,
"model": "telepresence isdn link",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.4"
},
{
"_id": null,
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"_id": null,
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"_id": null,
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"_id": null,
"model": "junos 12.3r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "universal small cell series software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50003.4.2.0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.13"
},
{
"_id": null,
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32200"
},
{
"_id": null,
"model": "hardware management console release",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v77.9"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"_id": null,
"model": "security access manager for web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "msr20 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "junos 12.1r9",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "s5900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "junos 13.2r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "junos 11.4r10-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"_id": null,
"model": "documentum content server p05",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"_id": null,
"model": "oceanstor s6800t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "junos 12.1x46-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.2"
},
{
"_id": null,
"model": "jabber video for telepresence",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.5"
},
{
"_id": null,
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "junos 12.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"_id": null,
"model": "junos 5.0r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "129000"
},
{
"_id": null,
"model": "fortios build",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.0589"
},
{
"_id": null,
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"_id": null,
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.4"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "virtualization experience media engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "documentum content server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.2.10"
},
{
"_id": null,
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1"
},
{
"_id": null,
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"_id": null,
"model": "hsr6800 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "jabber im for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "snapdrive for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"_id": null,
"model": "project openssl 0.9.8m beta1",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "ssl vpn 7.4r11.1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.1"
},
{
"_id": null,
"model": "small cell factory recovery root filesystem",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.99.4"
},
{
"_id": null,
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.0"
},
{
"_id": null,
"model": "big-iq device",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"_id": null,
"model": "project openssl 0.9.8q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.11"
},
{
"_id": null,
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"_id": null,
"model": "msr20 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "manageone v100r002c10 spc320",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "svn2200 v200r001c01spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "rational application developer for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0.1"
},
{
"_id": null,
"model": "s2750\u0026s5700\u0026s6700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.3.10"
},
{
"_id": null,
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3200"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "msr1000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.1"
},
{
"_id": null,
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"_id": null,
"model": "secblade iii",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "espace vtm v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "jabber software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "spa122 ata with router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "junos 10.4r",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.0"
},
{
"_id": null,
"model": "junos 12.1r8-s3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"_id": null,
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"_id": null,
"model": "junos 13.2r5",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"_id": null,
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "junos 12.1x46-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "advanced settings utility",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.60"
},
{
"_id": null,
"model": "spa525 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "data ontap smi-s agent",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"_id": null,
"model": "junos 13.1r4-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "(comware family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12500v7)0"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.4.0.15"
},
{
"_id": null,
"model": "automation stratix",
"scope": "ne",
"trust": 0.3,
"vendor": "rockwell",
"version": "590015.6.3"
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.2"
},
{
"_id": null,
"model": "cp1543-1",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "1.1.25"
},
{
"_id": null,
"model": "project openssl 0.9.8m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "tssc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "secure analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2013.2"
},
{
"_id": null,
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"_id": null,
"model": "advanced settings utility",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.52"
},
{
"_id": null,
"model": "eupp v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "msr30 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "nexus series fabric extenders",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20000"
},
{
"_id": null,
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2"
},
{
"_id": null,
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx6116",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.1f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.0"
},
{
"_id": null,
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"_id": null,
"model": "strm 2012.1r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.0"
},
{
"_id": null,
"model": "oncommand workflow automation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"_id": null,
"model": "telepresence mxp series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.2"
},
{
"_id": null,
"model": "algo audit and compliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.2"
},
{
"_id": null,
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13000"
},
{
"_id": null,
"model": "documentum content server p02",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"_id": null,
"model": "espace u2980 v100r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "junos os 12.1x47-d10",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "uma-db v2r1coospc101",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "security information and event management hf6",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.2.2"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"_id": null,
"model": "identity service engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project openssl 0.9.8g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "jsa 2014.2r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.2"
},
{
"_id": null,
"model": "telepresence exchange system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "cms r17",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7900.00"
},
{
"_id": null,
"model": "usg9300 usg9300 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "s12700 v200r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "f1000e family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.4"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7"
},
{
"_id": null,
"model": "oncommand workflow automation",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"_id": null,
"model": "sterling file gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"_id": null,
"model": "desktop collaboration experience dx650",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "junos os 12.2r9",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "oncommand unified manager core package 5.2.1p1",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "automation stratix",
"scope": "eq",
"trust": 0.3,
"vendor": "rockwell",
"version": "59000"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.3"
},
{
"_id": null,
"model": "oceanstor s2200t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "19200"
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.3"
},
{
"_id": null,
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0"
},
{
"_id": null,
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7600-"
},
{
"_id": null,
"model": "espace u2990 v200r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "hsr6602 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.1.1"
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.0"
},
{
"_id": null,
"model": "msr93x russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "telepresence system series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"_id": null,
"model": "secure analytics 2014.2r2",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "s7-1500",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"_id": null,
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"_id": null,
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "s2900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "srg1200\u00262200\u00263200 v100r002c02spc800",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70100"
},
{
"_id": null,
"model": "dsr-1000n rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "open source security information management",
"scope": "ne",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.10"
},
{
"_id": null,
"model": "junos 13.3r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.6"
},
{
"_id": null,
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "ei switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "51200"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.2"
},
{
"_id": null,
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"_id": null,
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.1.21"
},
{
"_id": null,
"model": "svn5500 v200r001c01spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.0"
},
{
"_id": null,
"model": "telepresence ip gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"_id": null,
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6"
},
{
"_id": null,
"model": "junos 12.1r10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "simatic s7-1500",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "1.5.0"
},
{
"_id": null,
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.2.0.1055"
},
{
"_id": null,
"model": "msr50 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1"
},
{
"_id": null,
"model": "open systems snapvault 3.0.1p6",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.0"
},
{
"_id": null,
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.2"
},
{
"_id": null,
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.2"
},
{
"_id": null,
"model": "onepk all-in-one vm",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.7"
},
{
"_id": null,
"model": "usg5000 v300r001c10spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "jabber voice for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"_id": null,
"model": "idp 4.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.1.1"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.9"
},
{
"_id": null,
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.1.5.1"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.5"
},
{
"_id": null,
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"_id": null,
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7700"
},
{
"_id": null,
"model": "virusscan enterprise for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "1.7.1"
},
{
"_id": null,
"model": "strm",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2012.1"
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.4"
},
{
"_id": null,
"model": "msr50 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"_id": null,
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"_id": null,
"model": "prime data center network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.4x27"
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.1"
},
{
"_id": null,
"model": "junos 12.1x45-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "cc v200r001c31",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.5.0.15"
},
{
"_id": null,
"model": "junos 13.2r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "junos 13.2r2-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "u200s and cs family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0.4"
},
{
"_id": null,
"model": "security threat response manager 2013.2r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "s12700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "s5900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "xenmobile app controller",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "2.10"
},
{
"_id": null,
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.0.10648"
},
{
"_id": null,
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"_id": null,
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "xenmobile app controller",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "2.9"
},
{
"_id": null,
"model": "esight v2r3c10spc201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "oceanstor s5500t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.0"
},
{
"_id": null,
"model": "ssl vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.4"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "isoc v200r001c02",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "9000"
},
{
"_id": null,
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.1"
},
{
"_id": null,
"model": "software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.0"
},
{
"_id": null,
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.4"
},
{
"_id": null,
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.3"
},
{
"_id": null,
"model": "security information and event management hf3",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.1.4"
},
{
"_id": null,
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "project openssl 0.9.8l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.1"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"_id": null,
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.6"
},
{
"_id": null,
"model": "hsr6800 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "documentum content server sp2 p13",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"_id": null,
"model": "agent desktop for cisco unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1"
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.5"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"_id": null,
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"_id": null,
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "s3900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "oneview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.01"
},
{
"_id": null,
"model": "switch series (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10500v5)0"
},
{
"_id": null,
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0"
},
{
"_id": null,
"model": "ddos secure",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "anyoffice emm",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "2.6.0601.0090"
},
{
"_id": null,
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "ddos secure",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "5.14.1-1"
},
{
"_id": null,
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"_id": null,
"model": "security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"_id": null,
"model": "s2750\u0026s5700\u0026s6700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.1.2"
},
{
"_id": null,
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"_id": null,
"model": "tivoli storage flashcopy manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"_id": null,
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.3"
},
{
"_id": null,
"model": "tssc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.12"
},
{
"_id": null,
"model": "vsm v200r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "junos 13.3r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "simatic s7-1500",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "1.6"
},
{
"_id": null,
"model": "strm/jsa 2013.2r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.0i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "ngfw family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "powervu d9190 comditional access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.3"
},
{
"_id": null,
"model": "junos 10.4r16",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "msr9xx russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "junos 12.3r4-s3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10"
},
{
"_id": null,
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "project openssl 1.0.1h",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "ssl vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.0"
},
{
"_id": null,
"model": "real-time compression appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.203"
},
{
"_id": null,
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "msr50-g2 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"_id": null,
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"_id": null,
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"_id": null,
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.1.21"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "usg9500 usg9500 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"_id": null,
"model": "tssc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"_id": null,
"model": "softco v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "documentum content server sp2 p14",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"_id": null,
"model": "junos 5.0r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "s2750\u0026s5700\u0026s6700 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "s2700\u0026s3700 v100r006c05+v100r06h",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"_id": null,
"model": "junos 12.1x44-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "oceanstor s6800t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "rox",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "11.16"
},
{
"_id": null,
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"_id": null,
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"_id": null,
"model": "ecns600 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "ive os",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.4"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.2.13"
},
{
"_id": null,
"model": "telepresence mcu series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "web gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.2.1"
},
{
"_id": null,
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.3"
},
{
"_id": null,
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"_id": null,
"model": "jabber voice for iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "prime network services controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "asg2000 v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "idp 5.1r4",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "unified ip conference phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"_id": null,
"model": "virusscan enterprise for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "1.8"
},
{
"_id": null,
"model": "project openssl 1.0.0e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "oic v100r001c00spc402",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "documentum content server",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.0"
},
{
"_id": null,
"model": "junos os 12.1x46-d25",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "uacos c5.0r4.1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gv1000",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "webex messenger service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "junos 13.1r.3-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"_id": null,
"model": "nac manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "s7700\u0026s9700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "smc2.0 v100r002c01b017sp17",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.6"
},
{
"_id": null,
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"_id": null,
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "58000"
},
{
"_id": null,
"model": "hardware management console release",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v77.8"
},
{
"_id": null,
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.5"
},
{
"_id": null,
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1x8664"
},
{
"_id": null,
"model": "hardware management console release",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v77.7"
},
{
"_id": null,
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "junos os 12.1x46-d20",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.6"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"_id": null,
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "dsr-1000 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3100v20"
},
{
"_id": null,
"model": "junos 12.1x45-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.10"
},
{
"_id": null,
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "tivoli storage flashcopy manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7800",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.2"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0"
},
{
"_id": null,
"model": "uacos c5.0",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "7755"
},
{
"_id": null,
"model": "strm/jsa",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2013.2"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8x"
},
{
"_id": null,
"model": "vtm v100r001c30",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "logcenter v200r003c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "oceanstor s5500t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"_id": null,
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"_id": null,
"model": "dynamic system analysis",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.61"
},
{
"_id": null,
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"_id": null,
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99510"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.1"
},
{
"_id": null,
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"_id": null,
"model": "imc uam",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.00"
},
{
"_id": null,
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89450"
},
{
"_id": null,
"model": "telepresence supervisor mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "80500"
},
{
"_id": null,
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.2.0.9"
},
{
"_id": null,
"model": "usg2000 v300r001c10sph201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "1.0.4"
},
{
"_id": null,
"model": "dsm v100r002c05spc615",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "junos 10.4s",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.0"
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.6"
},
{
"_id": null,
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"_id": null,
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "ive os",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.0"
},
{
"_id": null,
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.3"
},
{
"_id": null,
"model": "tapi service provider",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "espace u2980 v100r001 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3"
},
{
"_id": null,
"model": "project openssl 0.9.8t",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"_id": null,
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"_id": null,
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.1.1"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5"
},
{
"_id": null,
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"_id": null,
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"_id": null,
"model": "switch series (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10500v7)0"
},
{
"_id": null,
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "junos 11.4r8",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "project openssl 0.9.8n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.6"
},
{
"_id": null,
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.0"
},
{
"_id": null,
"model": "s7700\u0026s9700 v200r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "ecns600 v100r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "application networking manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "oceanstor s2600t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "espace u19** v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.0c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"_id": null,
"model": "spa112 2-port phone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.2"
},
{
"_id": null,
"model": "spa500 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"_id": null,
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.4"
},
{
"_id": null,
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.5"
},
{
"_id": null,
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"_id": null,
"model": "universal small cell series software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.4.20"
},
{
"_id": null,
"model": "oceanstor s5600t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "paging server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.2"
},
{
"_id": null,
"model": "9500e family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "ace application control engine module ace20",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "msr30-16 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"_id": null,
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.1"
},
{
"_id": null,
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.1.5.2"
},
{
"_id": null,
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"_id": null,
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.0.1880"
},
{
"_id": null,
"model": "hyperdp oceanstor n8500 v200r001c09",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.2"
},
{
"_id": null,
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.10"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"_id": null,
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.0.2354"
},
{
"_id": null,
"model": "agent desktop for cisco unified contact center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "toolscenter suite",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.53"
},
{
"_id": null,
"model": "simatic s7-1500",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"_id": null,
"model": "telepresence ip vcr series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "msr20-1x russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11000"
},
{
"_id": null,
"model": "unified communications series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"_id": null,
"model": "telepresence sx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"_id": null,
"model": "si switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "55000"
},
{
"_id": null,
"model": "virusscan enterprise for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "2.0"
},
{
"_id": null,
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"_id": null,
"model": "ape",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"_id": null,
"model": "hyperdp v200r001c91spc201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.1"
},
{
"_id": null,
"model": "unified attendant console",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "security threat response manager 2012.1r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.0f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "dsr-500 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99710"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "s3900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "oceanstor s5600t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.1"
},
{
"_id": null,
"model": "documentum content server sp1 p26",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"_id": null,
"model": "tivoli management framework",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.1"
},
{
"_id": null,
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.3"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.6"
},
{
"_id": null,
"model": "junos 12.1x44-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "security information and event management hf11",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.3.2"
},
{
"_id": null,
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "project openssl 0.9.8o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.12"
},
{
"_id": null,
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"_id": null,
"model": "junos 12.1x45-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "ata analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1870"
},
{
"_id": null,
"model": "project openssl 1.0.0j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "eupp v100r001c01spc101",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "ace application control engine module ace10",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project openssl 1.0.0b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "junos 10.4s15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "rox",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "20"
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.4"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.1"
},
{
"_id": null,
"model": "ecns600 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "36100"
},
{
"_id": null,
"model": "junos 13.2r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "expressway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "hi switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "55000"
},
{
"_id": null,
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"_id": null,
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"_id": null,
"model": "aura experience portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.1"
},
{
"_id": null,
"model": "msr30-1x russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.7"
},
{
"_id": null,
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1209"
},
{
"_id": null,
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"_id": null,
"model": "oceanstor s2600t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x46"
},
{
"_id": null,
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"_id": null,
"model": "msr9xx family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"_id": null,
"model": "msr2000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "10.0"
},
{
"_id": null,
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6.5"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3"
},
{
"_id": null,
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.3"
},
{
"_id": null,
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"_id": null,
"model": "aura presence services sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1.2"
},
{
"_id": null,
"model": "aura presence services sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.3"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.12"
},
{
"_id": null,
"model": "junos os 13.3r2-s3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "msr30 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"_id": null,
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.1"
},
{
"_id": null,
"model": "manageone v100r002c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"_id": null,
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463011.5"
},
{
"_id": null,
"model": "junos 12.2r7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"_id": null,
"model": "ave2000 v100r001c00sph001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "security information and event management ga",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.4.0"
},
{
"_id": null,
"model": "svn2200 v200r001c01hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "125000"
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.2"
},
{
"_id": null,
"model": "esight-ewl v300r001c10spc300",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "ave2000 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.4"
},
{
"_id": null,
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8v"
},
{
"_id": null,
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"_id": null,
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "tsm v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "usg9500 v300r001c01spc300",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"_id": null,
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"_id": null,
"model": "msr30-16 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "imc ead",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.00"
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.1"
},
{
"_id": null,
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3600v20"
},
{
"_id": null,
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1"
},
{
"_id": null,
"model": "fortios b064",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-1"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "documentum content server sp2 p15",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "10.3"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0.3"
},
{
"_id": null,
"model": "usg9500 v300r001c20sph102",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"_id": null,
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "fortios",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.8"
},
{
"_id": null,
"model": "asa cx context-aware security",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"_id": null,
"model": "telepresence integrator c series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.13"
},
{
"_id": null,
"model": "project openssl 1.0.1d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "msr4000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"_id": null,
"model": "unified im and presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "junos 12.2r8",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.9"
},
{
"_id": null,
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.1.21"
},
{
"_id": null,
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"_id": null,
"model": "usg9300 v200r001c01sph902",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gv200",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.6"
},
{
"_id": null,
"model": "elog v100r003c01spc503",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "anyoffice v200r002c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.5"
},
{
"_id": null,
"model": "nac appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"_id": null,
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "43000"
},
{
"_id": null,
"model": "hardware management console release",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v77.6"
},
{
"_id": null,
"model": "vpn client v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3100"
},
{
"_id": null,
"model": "metro ethernet series access devices",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12000"
},
{
"_id": null,
"model": "mcp russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "66000"
},
{
"_id": null,
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.1.1"
},
{
"_id": null,
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"_id": null,
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.9.1"
},
{
"_id": null,
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.2"
},
{
"_id": null,
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"_id": null,
"model": "s5900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "13.10"
},
{
"_id": null,
"model": "prime network",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "s6900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "ecns610 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.0.0"
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.1"
},
{
"_id": null,
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"_id": null,
"model": "a6600 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"_id": null,
"model": "junos 12.1r11",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "f5000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"_id": null,
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "19100"
},
{
"_id": null,
"model": "fusionsphere v100r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.1"
},
{
"_id": null,
"model": "junos 13.3r2-s3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "usg9500 usg9500 v300r001c20",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "tsm v100r002c07spc219",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "espace u2990 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "prime infrastructure",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "espace iad v300r002c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "junos r11",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1"
},
{
"_id": null,
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.913"
},
{
"_id": null,
"model": "ace application control engine appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "documentum content server sp1 p28",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"_id": null,
"model": "telepresence isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32410"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2.3"
},
{
"_id": null,
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "66020"
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.4x27.62"
},
{
"_id": null,
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.8"
},
{
"_id": null,
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5"
},
{
"_id": null,
"model": "oceanstor s5600t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "junos os 12.1x44-d40",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.2"
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x47"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-10",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "espace iad v300r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "virusscan enterprise for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "1.9"
},
{
"_id": null,
"model": "pk family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1810v10"
},
{
"_id": null,
"model": "telepresence ex series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"_id": null,
"model": "junos os 13.3r3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "59200"
},
{
"_id": null,
"model": "oceanstor s6800t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "manageone v100r001c02 spc901",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "junos 11.4r10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.2"
},
{
"_id": null,
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.2"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-2"
},
{
"_id": null,
"model": "project openssl 1.0.0m",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "junos 12.1x45-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.6.1"
},
{
"_id": null,
"model": "oceanstor s2600t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "dsr-500n rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "s2750\u0026s5700\u0026s6700 v200r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "oceanstor s5800t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx4002",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"_id": null,
"model": "4210g switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "oceanstor s5800t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "isoc v200r001c02spc202",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "9000"
},
{
"_id": null,
"model": "ios xr software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"_id": null,
"model": "junos r1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "14.1"
},
{
"_id": null,
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413011.5"
},
{
"_id": null,
"model": "unified series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79000"
},
{
"_id": null,
"model": "ons series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154000"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "aura experience portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "unified intelligent contact management enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.1"
},
{
"_id": null,
"model": "nip2000\u00265000 v100r002c10spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "hyperdp v200r001c09spc501",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"_id": null,
"model": "webapp secure",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.8.0"
},
{
"_id": null,
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "anyconnect secure mobility client for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.7.0"
},
{
"_id": null,
"model": "security threat response manager",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2013.2"
},
{
"_id": null,
"model": "eupp v100r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "ei switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "55000"
},
{
"_id": null,
"model": "toolscenter suite",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.52"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3"
},
{
"_id": null,
"model": "junos 13.1r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0"
},
{
"_id": null,
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "dsr-500 rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "aura system manager sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "policy center v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.2"
},
{
"_id": null,
"model": "junos d15",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x45-"
},
{
"_id": null,
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.0"
},
{
"_id": null,
"model": "telepresence",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13100"
},
{
"_id": null,
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "project openssl 1.0.1b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.0k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "cms r17ac.g",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"_id": null,
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9900"
},
{
"_id": null,
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "59000"
},
{
"_id": null,
"model": "updatexpress system packs installer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.60"
},
{
"_id": null,
"model": "oceanstor s5800t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1"
},
{
"_id": null,
"model": "jabber for mac",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "usg2000 v300r001c10spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "d9036 modular encoding platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "video surveillance 4300e/4500e high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "smart update manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6.4.1"
},
{
"_id": null,
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"_id": null,
"model": "mcp",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "66000"
},
{
"_id": null,
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.5"
},
{
"_id": null,
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.0.92743"
},
{
"_id": null,
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "75000"
},
{
"_id": null,
"model": "unified series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69000"
},
{
"_id": null,
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8300"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"_id": null,
"model": "junos 12.2r8-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.2"
},
{
"_id": null,
"model": "oceanstor s5600t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"_id": null,
"model": "10.0-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "aura utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.7"
},
{
"_id": null,
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"_id": null,
"model": "jabber video for ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "secblade fw family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "tssc",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.15"
},
{
"_id": null,
"model": "junos 12.1x44-d26",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "junos os 13.2r5",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"_id": null,
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"_id": null,
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.1.2"
},
{
"_id": null,
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"_id": null,
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.2"
},
{
"_id": null,
"model": "unified communications manager session management edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.1"
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "junos os 14.1r1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "video surveillance ptz ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "snapdrive for unix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "project openssl 0.9.8s",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "webex connect client for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "telepresence serial gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1"
},
{
"_id": null,
"model": "junos 10.4r15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "uacos c4.4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "elog v100r003c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "security module for cisco network registar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "ata series analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1900"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.5"
},
{
"_id": null,
"model": "aura utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.6"
},
{
"_id": null,
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89610"
},
{
"_id": null,
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"_id": null,
"model": "p2 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1810v10"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"_id": null,
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"_id": null,
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-320"
},
{
"_id": null,
"model": "junos 10.0s25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"_id": null,
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.1"
},
{
"_id": null,
"model": "unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "softco v200r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x45"
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.2"
},
{
"_id": null,
"model": "s6900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "web gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.10"
},
{
"_id": null,
"model": "svn5500 v200r001c01hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.6"
},
{
"_id": null,
"model": "prime lan management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.2"
},
{
"_id": null,
"model": "junos d10",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x47"
},
{
"_id": null,
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"_id": null,
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "5.1"
},
{
"_id": null,
"model": "proventia network security controller 1.0.3350m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "msr50 g2 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "junos 10.4r10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "agent desktop for cisco unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "junos 12.3r4-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "dsm v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "cms r17ac.h",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "agile controller v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.1"
},
{
"_id": null,
"model": "nip2000\u00265000 v100r002c10hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "telepresence mx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"_id": null,
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-370"
},
{
"_id": null,
"model": "russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "66020"
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.4"
},
{
"_id": null,
"model": "junos r5",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.2"
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1"
},
{
"_id": null,
"model": "oceanstor s5800t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "oceanstor s5500t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "css series content services switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "115000"
},
{
"_id": null,
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.0.10"
},
{
"_id": null,
"model": "telepresence isdn gw mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83210"
},
{
"_id": null,
"model": "ucs central",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "telepresence profile series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "smc2.0 v100r002c01b017sp16",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.0"
},
{
"_id": null,
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "espace iad v300r001c07",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-05",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.0"
},
{
"_id": null,
"model": "dynamic system analysis",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.60"
},
{
"_id": null,
"model": "s7700\u0026s9700 v200r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "blackberry link",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "1.2"
},
{
"_id": null,
"model": "oneview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.05"
},
{
"_id": null,
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.5"
},
{
"_id": null,
"model": "msr20-1x family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "real-time compression appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.9.107"
},
{
"_id": null,
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "1.0.6"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.3"
},
{
"_id": null,
"model": "msr30-1x family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "junos 12.1x44-d32",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "4510g switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"_id": null,
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1768"
},
{
"_id": null,
"model": "physical access gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"_id": null,
"model": "dsr-1000 rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "nac guest server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "session border controller enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "s7700\u0026s9700 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.4"
},
{
"_id": null,
"model": "dsr-1000n 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "junos 12.1r7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89410"
},
{
"_id": null,
"model": "unity connection",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project openssl 0.9.8u",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "isoc v200r001c01spc101",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "5000"
},
{
"_id": null,
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"_id": null,
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.1"
},
{
"_id": null,
"model": "documentum content server sp2 p16",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"_id": null,
"model": "oceanstor s2200t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "prime network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "espace usm v100r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "junos os 12.3r7",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.1"
}
],
"sources": [
{
"db": "BID",
"id": "66801"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-193"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005667"
},
{
"db": "NVD",
"id": "CVE-2010-5298"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ibm:api_management",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:infosphere_master_data_management",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:initiate_master_data_service",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:java_sdk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:ibm:security_access_manager_for_mobile_appliance",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:ibm:security_access_manager_for_web_appliance",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:smartcloud_orchestrator",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:smartcloud_provisioning",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:tivoli_management_framework",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:openssl:openssl",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:virtualization_secure_global_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:vm_virtualbox",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hitachi:l20_300",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hitachi:lto6_drive",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hitachi:lx_30a",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-005667"
}
]
},
"credits": {
"_id": null,
"data": "HP",
"sources": [
{
"db": "PACKETSTORM",
"id": "127213"
},
{
"db": "PACKETSTORM",
"id": "127266"
},
{
"db": "PACKETSTORM",
"id": "127608"
},
{
"db": "PACKETSTORM",
"id": "127807"
},
{
"db": "PACKETSTORM",
"id": "127326"
},
{
"db": "PACKETSTORM",
"id": "127265"
}
],
"trust": 0.6
},
"cve": "CVE-2010-5298",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 4.9,
"id": "CVE-2010-5298",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-5298",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2010-5298",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201404-193",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2010-5298",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-5298"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-193"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005667"
},
{
"db": "NVD",
"id": "CVE-2010-5298"
}
]
},
"description": {
"_id": null,
"data": "Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL connection in a multithreaded environment. OpenSSL is prone to a remote memory-corruption vulnerability. \nAn attacker can exploit this issue to cause denial-of-service condition. Due to the nature of this issue, arbitrary code execution may be possible; however, this has not been confirmed. ============================================================================\nUbuntu Security Notice USN-2192-1\nMay 05, 2014\n\nopenssl vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 14.04 LTS\n- Ubuntu 13.10\n- Ubuntu 12.10\n- Ubuntu 12.04 LTS\n\nSummary:\n\nOpenSSL could be made to crash if it received specially crafted network\ntraffic. \n(CVE-2010-5298)\n\nIt was discovered that OpenSSL incorrectly handled memory in the\ndo_ssl3_write() function. \n(CVE-2014-0198)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.04 LTS:\n libssl1.0.0 1.0.1f-1ubuntu2.1\n\nUbuntu 13.10:\n libssl1.0.0 1.0.1e-3ubuntu1.3\n\nUbuntu 12.10:\n libssl1.0.0 1.0.1c-3ubuntu2.8\n\nUbuntu 12.04 LTS:\n libssl1.0.0 1.0.1-4ubuntu5.13\n\nAfter a standard system update you need to reboot your computer to make all\nthe necessary changes. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: openssl security update\nAdvisory ID: RHSA-2014:0679-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2014-0679.html\nIssue date: 2014-06-10\nCVE Names: CVE-2010-5298 CVE-2014-0195 CVE-2014-0198 \n CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 \n=====================================================================\n\n1. Summary:\n\nUpdated openssl packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 7. \n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library. \n\nIt was found that OpenSSL clients and servers could be forced, via a\nspecially crafted handshake packet, to use weak keying material for\ncommunication. A man-in-the-middle attacker could use this flaw to decrypt\nand modify traffic between a client and a server. (CVE-2014-0224)\n\nNote: In order to exploit this flaw, both the server and the client must be\nusing a vulnerable version of OpenSSL; the server must be using OpenSSL\nversion 1.0.1 and above, and the client must be using any version of\nOpenSSL. For more information about this flaw, refer to:\nhttps://access.redhat.com/site/articles/904433\n\nA buffer overflow flaw was found in the way OpenSSL handled invalid DTLS\npacket fragments. A remote attacker could possibly use this flaw to execute\narbitrary code on a DTLS client or server. (CVE-2014-0195)\n\nMultiple flaws were found in the way OpenSSL handled read and write buffers\nwhen the SSL_MODE_RELEASE_BUFFERS mode was enabled. A TLS/SSL client or\nserver using OpenSSL could crash or unexpectedly drop connections when\nprocessing certain SSL traffic. (CVE-2010-5298, CVE-2014-0198)\n\nA denial of service flaw was found in the way OpenSSL handled certain DTLS\nServerHello requests. A specially crafted DTLS handshake packet could cause\na DTLS client using OpenSSL to crash. (CVE-2014-0221)\n\nA NULL pointer dereference flaw was found in the way OpenSSL performed\nanonymous Elliptic Curve Diffie Hellman (ECDH) key exchange. A specially\ncrafted handshake packet could cause a TLS/SSL client that has the\nanonymous ECDH cipher suite enabled to crash. (CVE-2014-3470)\n\nRed Hat would like to thank the OpenSSL project for reporting these issues. \nUpstream acknowledges KIKUCHI Masashi of Lepidum as the original reporter\nof CVE-2014-0224, J\u00fcri Aedla as the original reporter of CVE-2014-0195,\nImre Rad of Search-Lab as the original reporter of CVE-2014-0221, and Felix\nGr\u00f6bert and Ivan Fratri\u0107 of Google as the original reporters of\nCVE-2014-3470. \n\nAll OpenSSL users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. For the update to take\neffect, all services linked to the OpenSSL library (such as httpd and other\nSSL-enabled services) must be restarted or the system rebooted. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1087195 - CVE-2010-5298 openssl: freelist misuse causing a possible use-after-free\n1093837 - CVE-2014-0198 openssl: SSL_MODE_RELEASE_BUFFERS NULL pointer dereference in do_ssl3_write()\n1103586 - CVE-2014-0224 openssl: SSL/TLS MITM vulnerability\n1103593 - CVE-2014-0221 openssl: DoS when sending invalid DTLS handshake\n1103598 - CVE-2014-0195 openssl: Buffer overflow via DTLS invalid fragment\n1103600 - CVE-2014-3470 openssl: client-side denial of service when using anonymous ECDH\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nopenssl-1.0.1e-34.el7_0.3.src.rpm\n\nx86_64:\nopenssl-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-libs-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-libs-1.0.1e-34.el7_0.3.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-devel-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-devel-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-perl-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-static-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-static-1.0.1e-34.el7_0.3.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nopenssl-1.0.1e-34.el7_0.3.src.rpm\n\nx86_64:\nopenssl-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-libs-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-libs-1.0.1e-34.el7_0.3.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-devel-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-devel-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-perl-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-static-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-static-1.0.1e-34.el7_0.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nopenssl-1.0.1e-34.el7_0.3.src.rpm\n\nppc64:\nopenssl-1.0.1e-34.el7_0.3.ppc64.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.ppc.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.ppc64.rpm\nopenssl-devel-1.0.1e-34.el7_0.3.ppc.rpm\nopenssl-devel-1.0.1e-34.el7_0.3.ppc64.rpm\nopenssl-libs-1.0.1e-34.el7_0.3.ppc.rpm\nopenssl-libs-1.0.1e-34.el7_0.3.ppc64.rpm\n\ns390x:\nopenssl-1.0.1e-34.el7_0.3.s390x.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.s390.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.s390x.rpm\nopenssl-devel-1.0.1e-34.el7_0.3.s390.rpm\nopenssl-devel-1.0.1e-34.el7_0.3.s390x.rpm\nopenssl-libs-1.0.1e-34.el7_0.3.s390.rpm\nopenssl-libs-1.0.1e-34.el7_0.3.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-devel-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-devel-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-libs-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-libs-1.0.1e-34.el7_0.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nopenssl-debuginfo-1.0.1e-34.el7_0.3.ppc.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.ppc64.rpm\nopenssl-perl-1.0.1e-34.el7_0.3.ppc64.rpm\nopenssl-static-1.0.1e-34.el7_0.3.ppc.rpm\nopenssl-static-1.0.1e-34.el7_0.3.ppc64.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-34.el7_0.3.s390.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.s390x.rpm\nopenssl-perl-1.0.1e-34.el7_0.3.s390x.rpm\nopenssl-static-1.0.1e-34.el7_0.3.s390.rpm\nopenssl-static-1.0.1e-34.el7_0.3.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-perl-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-static-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-static-1.0.1e-34.el7_0.3.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nopenssl-1.0.1e-34.el7_0.3.src.rpm\n\nx86_64:\nopenssl-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-devel-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-devel-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-libs-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-libs-1.0.1e-34.el7_0.3.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-perl-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-static-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-static-1.0.1e-34.el7_0.3.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2010-5298.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-0195.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-0198.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-0221.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-0224.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-3470.html\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/site/articles/904433\nhttps://access.redhat.com/site/solutions/905793\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2014 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFTl161XlSAg2UNWIIRAiJlAKCiztPWPTBaVbDSJK/cEtvknFYpTACgur3t\nGHJznx5GNeKZ00848jTZ9hw=\n=48eV\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce. \n\nThe attack can only be performed between a vulnerable client *and*\nserver. \n\nThanks to KIKUCHI Masashi (Lepidum Co. Ltd.) for discovering and\nresearching this issue. This issue was reported to OpenSSL on 1st May\n2014 via JPCERT/CC. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team partly based\non an original patch from KIKUCHI Masashi. \n\nDTLS recursion flaw (CVE-2014-0221)\n====================================\n\nBy sending an invalid DTLS handshake to an OpenSSL DTLS client the code\ncan be made to recurse eventually crashing in a DoS attack. \n\nOpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za\nOpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h. \n\nThanks to Imre Rad (Search-Lab Ltd.) for discovering this issue. This\nissue was reported to OpenSSL on 9th May 2014. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team. \n\nOpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za\nOpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h. \n\nThanks to J\u00fcri Aedla for reporting this issue. This issue was\nreported to OpenSSL on 23rd April 2014 via HP ZDI. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team. This flaw\nonly affects OpenSSL 1.0.0 and 1.0.1 where SSL_MODE_RELEASE_BUFFERS is\nenabled, which is not the default and not common. \n\nOpenSSL 1.0.0 users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 users should upgrade to 1.0.1h. \n\nThis issue was reported in public. The fix was developed by\nMatt Caswell of the OpenSSL development team. \nThis flaw only affects multithreaded applications using OpenSSL 1.0.0\nand 1.0.1, where SSL_MODE_RELEASE_BUFFERS is enabled, which is not the\ndefault and not common. \n\nOpenSSL 1.0.0 users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 users should upgrade to 1.0.1h. \n\nThis issue was reported in public. \n\nOpenSSL 0.9.8 users should upgrade to 0.9.8za\nOpenSSL 1.0.0 users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 users should upgrade to 1.0.1h. \n\nThanks to Felix Gr\u00f6bert and Ivan Fratri\u0107 at Google for discovering this\nissue. This issue was reported to OpenSSL on 28th May 2014. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team. \n\nOther issues\n============\n\nOpenSSL 1.0.0m and OpenSSL 0.9.8za also contain a fix for\nCVE-2014-0076: Fix for the attack described in the paper \"Recovering\nOpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack\"\nReported by Yuval Yarom and Naomi Benger. This issue was previously\nfixed in OpenSSL 1.0.1g. \n\n\nReferences\n==========\n\nURL for this Security Advisory:\nhttp://www.openssl.org/news/secadv_20140605.txt\n\nNote: the online version of the advisory may be updated with additional\ndetails over time. The following\nCommon Vulnerabilities and Exposures project ids identify them:\n\nCVE-2010-5298\n\n A read buffer can be freed even when it still contains data that is\nused later on, leading to a use-after-free. \n\nCVE-2014-0076\n\n ECDSA nonces can be recovered through the Yarom/Benger FLUSH+RELOAD\ncache side-channel attack. \n\nA third issue, with no CVE id, is the missing detection of the\n\"critical\" flag for the TSA extended key usage under certain cases. \n\n\nAdditionally, this update checks for more services that might need to\nbe restarted after upgrades of libssl, corrects the detection of\napache2 and postgresql, and adds support for the\n\u0027libraries/restart-without-asking\u0027 debconf configuration. This allows\nservices to be restarted on upgrade without prompting. \n\n\nThe oldstable distribution (squeeze) is not affected by CVE-2010-5298\nand it might be updated at a later time to address the remaining\nvulnerabilities. \n\nFor the testing distribution (jessie), these problems will be fixed\nsoon. \n \n The Montgomery ladder implementation in OpenSSL through 1.0.0l does\n not ensure that certain swap operations have a constant-time behavior,\n which makes it easier for local users to obtain ECDSA nonces via a\n FLUSH+RELOAD cache side-channel attack (CVE-2014-0076). \n \n The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before\n 1.0.1g do not properly handle Heartbeat Extension packets, which allows\n remote attackers to obtain sensitive information from process memory\n via crafted packets that trigger a buffer over-read, as demonstrated\n by reading private keys, related to d1_both.c and t1_lib.c, aka the\n Heartbleed bug (CVE-2014-0160). \n \n OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before\n 1.0.1h does not properly restrict processing of ChangeCipherSpec\n messages, which allows man-in-the-middle attackers to trigger use of a\n zero-length master key in certain OpenSSL-to-OpenSSL communications,\n and consequently hijack sessions or obtain sensitive information,\n via a crafted TLS handshake, aka the CCS Injection vulnerability\n (CVE-2014-0224). \n \n The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other\n products, uses nondeterministic CBC padding, which makes it easier\n for man-in-the-middle attackers to obtain cleartext data via a\n padding-oracle attack, aka the POODLE issue (CVE-2014-3566). \n \n The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before\n 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the square\n of a BIGNUM value, which might make it easier for remote attackers to\n defeat cryptographic protection mechanisms via unspecified vectors,\n related to crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c, and\n crypto/bn/bn_asm.c (CVE-2014-3570). \n \n The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before\n 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote\n SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger\n a loss of forward secrecy by omitting the ServerKeyExchange message\n (CVE-2014-3572). \n \n OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k\n does not enforce certain constraints on certificate data, which allows\n remote attackers to defeat a fingerprint-based certificate-blacklist\n protection mechanism by including crafted data within a\n certificate\u0026#039;s unsigned portion, related to crypto/asn1/a_verify.c,\n crypto/dsa/dsa_asn1.c, crypto/ecdsa/ecs_vrf.c, and crypto/x509/x_all.c\n (CVE-2014-8275). \n \n The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before\n 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL\n servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate\n brute-force decryption by offering a weak ephemeral RSA key in a\n noncompliant role, related to the FREAK issue. NOTE: the scope of\n this CVE is only client code based on OpenSSL, not EXPORT_RSA issues\n associated with servers or other TLS implementations (CVE-2015-0204). \n \n The ssl3_get_cert_verify function in s3_srvr.c in OpenSSL 1.0.0 before\n 1.0.0p and 1.0.1 before 1.0.1k accepts client authentication with a\n Diffie-Hellman (DH) certificate without requiring a CertificateVerify\n message, which allows remote attackers to obtain access without\n knowledge of a private key via crafted TLS Handshake Protocol traffic\n to a server that recognizes a Certification Authority with DH support\n (CVE-2015-0205). \n \n The updated packages have been upgraded to the 1.0.1m version where\n these security flaws has been fixed. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0286\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0287\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0289\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0293\n http://openssl.org/news/secadv_20150108.txt\n http://openssl.org/news/secadv_20150319.txt\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Business Server 2/X86_64:\n 324a85f7e1165ab02881e44dbddaf599 mbs2/x86_64/lib64openssl1.0.0-1.0.1m-1.mbs2.x86_64.rpm\n 9c0bfb6ebd43cb6d81872abf71b4f85f mbs2/x86_64/lib64openssl-devel-1.0.1m-1.mbs2.x86_64.rpm\n 58df54e72ca7270210c7d8dd23df402b mbs2/x86_64/lib64openssl-engines1.0.0-1.0.1m-1.mbs2.x86_64.rpm\n b5313ffb5baaa65aea05eb05486d309a mbs2/x86_64/lib64openssl-static-devel-1.0.1m-1.mbs2.x86_64.rpm\n a9890ce4c33630cb9e00f3b2910dd784 mbs2/x86_64/openssl-1.0.1m-1.mbs2.x86_64.rpm \n 521297a5fe26e2de0c1222d8d03382d1 mbs2/SRPMS/openssl-1.0.1m-1.mbs2.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/en/support/security/advisories/\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.12 (GNU/Linux)\n\niD8DBQFVFTm1mqjQ0CJFipgRAoYFAKCaubn00colzVNnUBFjSElyDptGMQCfaGoS\nkz0ex6eI6hA6qSwklA2NoXY=\n=GYjX\n-----END PGP SIGNATURE-----\n. \n\nDetails: \nUnisphere Central requires an update to address various security vulnerabilities:\n\n1. \tUnvalidated Redirect Vulnerability (CVE-2015-0512)\n\nA potential vulnerability in Unisphere Central may allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks. The attacker can specify the location of the arbitrary site in the unvalidated parameter of a crafted URL. If this URL is accessed, the browser is redirected to the arbitrary site specified in the parameter. \n\nCVSSv2 Base Score: 5.8 (AV:N/AC:M/Au:N/C:P/I:P/A:N)\n\n2. \tMultiple Embedded Component Vulnerabilities\n\nThe following vulnerabilities affecting multiple embedded components were addressed:\n\n\\x95\tPostgreSQL (CVE-2013-1899, CVE-2013-1900, CVE-2013-1901, CVE-2013-1902)\n\\x95\tApache Tomcat HTTP Digest Access Bypass (CVE-2012-5885)\n\\x95\tSSL3.0/TLS1.0 Weak CBC Mode Vulnerability (CVE-2011-3389)\n\\x95\tSUSE Kernel Updates (CVE-2013-1767, CVE-2012-2137, CVE-2012-6548, CVE-2013-1797, CVE-2013-0231,CVE-2013-1774, CVE-2013-1848, CVE-2013-0311, CVE-2013-2634, CVE-2013-0268, CVE-2013-0913, CVE-2013-1772, CVE-2013-0216, CVE-2013-1792, CVE-2012-6549, CVE-2013-2635, CVE-2013-0914, CVE-2013-1796, CVE-2013-0160, CVE-2013-1860, CVE-2013-0349, CVE-2013-1798)\n\\x95\tLibgcrypt (CVE-2013-4242)\n\\x95\tcURL/libcURL Multiple Vulnerabilities (CVE-2014-0138, CVE-2014-0139, CVE-2014-0015, CVE-2014-3613, CVE-2014-3620)\n\\x95\tOpenSSL Multiple Vulnerabilities (CVE-2010-5298, CVE-2014-0076, CVE-2014-0195, CVE-2014-0198, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470, CVE-2014-3506, CVE-2014-3507, CVE-2014-3508, CVE-2014-3509, CVE-2014-3510, CVE-2014-3511, CVE-2014-3512, CVE-2014-5139, CVE-2014-3513, CVE-2014-3567, CVE-2014-3568, CVE-2014-3566)\n\\x95\tGNU Privacy Guard (GPG2) Update (CVE-2012-6085)\n\\x95\tJava Runtime Environment (CVE-2014-2403, CVE-2014-0446, CVE-2014-0457, CVE-2014-0453, CVE-2014-2412, CVE-2014-2398, CVE-2014-0458, CVE-2014-2397, CVE-2014-0460, CVE-2014-0429, CVE-2014-2428, CVE-2014-2423, CVE-2014-2420, CVE-2014-0448, CVE-2014-0459, CVE-2014-2427, CVE-2014-2414, CVE-2014-0461, CVE-2014-0454, CVE-2014-2422, CVE-2014-0464, CVE-2014-2401, CVE-2014-0456, CVE-2014-0455, CVE-2014-0451, CVE-2014-0449, CVE-2014-0432, CVE-2014-0463, CVE-2014-2410, CVE-2014-2413, CVE-2014-2421, CVE-2014-2409, CVE-2014-2402, CVE-2014-0452, CVE-2014-4220, CVE-2014-2490, CVE-2014-4266, CVE-2014-4219, CVE-2014-2483, CVE-2014-4263, CVE-2014-4264, CVE-2014-4268, CVE-2014-4252, CVE-2014-4223, CVE-2014-4247, CVE-2014-4218, CVE-2014-4221, CVE-2014-4262, CVE-2014-4227, CVE-2014-4208, CVE-2014-4209, CVE-2014-4265, CVE-2014-4244, CVE-2014-4216)\n\\x95\tOpenSSH Denial of Service (CVE-2010-5107)\n\\x95\tNetwork Security Services (NSS) Update (CVE-2014-1545, CVE-2014-1541, CVE-2014-1534, CVE-2014-1533, CVE-2014-1536, CVE-2014-1537, CVE-2014-1538)\n\\x95\t Xorg-X11 Update (CVE-2013-2005, CVE-2013-2002)\n\\x95\tGnuTLS SSL Verification Vulnerability (CVE-2014-0092)\n\\x95\tPango Security Update (CVE-2011-0020, CVE-2011-0064)\n\\x95\tD-Bus Denial of Service (CVE-2014-3638,CVE-2014-3639)\n\\x95\tPerl Denial of Service (CVE-2014-4330)\nCVSSv2 Base Score: Refer to NVD (http://nvd.nist.gov) for individual scores for each CVE listed above\n\nFor more information about any of the Common Vulnerabilities and Exposures (CVEs) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfm. To search for a particular CVE, use the NVD database\\x92s search utility at http://web.nvd.nist.gov/view/vuln/search\n\nResolution: \nThe following Unisphere Central release contains resolutions to the above issues:\n\\x95\tUnisphere Central version 4.0. \n\nEMC strongly recommends all customers upgrade at the earliest opportunity. Contact EMC Unisphere Central customer support to download the required upgrades. \n\nLink to remedies:\nRegistered EMC Online Support customers can download patches and software from support.emc.com at: https://support.emc.com/products/28224_Unisphere-Central\n\n\nIf you have any questions, please contact EMC Support. \n\nRead and use the information in this EMC Security Advisory to assist in avoiding any situation that might arise from the problems described herein. If you have any questions regarding this product alert, contact EMC Software Technical Support at 1-877-534-2867. \n\n\nFor an explanation of Severity Ratings, refer to EMC Knowledgebase solution emc218831. EMC recommends all customers take into account both the base score and any relevant temporal and environmental scores which may impact the potential severity associated with particular security vulnerability. EMC Corporation distributes EMC Security Advisories, in order to bring to the attention of users of the affected EMC products, important security information. EMC recommends that all users determine the applicability of this information to their individual situations and take appropriate action. EMC disclaims all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages, so the foregoing limitation may not apply. \n\nRelease Date: 2014-08-08\nLast Updated: 2014-08-08\n\nPotential Security Impact: Remote denial of service (DoS), code execution,\nunauthorized access, disclosure of information\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP System\nManagement Homepage (SMH), HP Smart Update Manager (SUM), and HP Version\nControl Agent (VCA) running on Linux and Windows. These components of HP\nInsight Control server deployment could be exploited remotely resulting in\ndenial of service (DoS), code execution, unauthorized access, or disclosure\nof information. \n\nHP Insight Control server deployment packages HP System Management Homepage\n(SMH) and HP Version Control Agent (VCA), and HP Smart Update Manager (SUM)\nand deploys them through the following components. This bulletin provides the\ninformation needed to update the HP Insight Control server deployment\nsolution. \n\nInstall HP Management Agents for Windows x86/x64\nInstall HP Management Agents for RHEL 5 x64\nInstall HP Management Agents for RHEL 6 x64\nInstall HP Management Agents for SLES 10 x64\nInstall HP Management Agents for SLES 11 x64\nUpgrade Proliant Firmware\n\nReferences:\n\nCVE-2010-5298 Remote Denial of Service\nCVE-2014-0076 Unauthorized Disclosure of Information\nCVE-2014-0195 Remote Unauthorized Access\nCVE-2014-0198 Remote Denial of Service\nCVE-2014-0221 Remote Denial of Service (DoS)\nCVE-2014-0224 Remote Unauthorized Access or Disclosure of Information\nCVE-2014-3470 Remote Code Execution or Unauthorized Access\nSSRT101628\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP Insight Control server deployment v7.1.2, v7.2.0, v7.2.1, v7.2.2, v7.3.1\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2010-5298 (AV:N/AC:H/Au:N/C:N/I:P/A:P) 4.0\nCVE-2014-0076 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2014-0195 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2014-0198 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2014-0221 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2014-0224 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2014-3470 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided the following updates to v7.3.1 of HP Insight Control server\ndeployment to resolve this vulnerability. HP has provided manual update steps\nif a version upgrade is not possible; if users wish to remain at v7.1.2,\nv7.2.0, or v7.2.1. \n\nNote: It is important to check your current running version of HP Insight\nControl server deployment and to follow the correct steps listed below. For\nHP Insight Control server deployment v7.2.2, users must upgrade to v7.3.1 and\nfollow the steps below to remove the vulnerability. The vulnerability known\nas Heartbleed (CVE-2014-0160) was fixed in HP Insight Control server\ndeployment v7.3.1. That Security Bulletin with instructions on how to upgrade\nto v7.3.1 can be found here:\n\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_n\na-c04267749\n\nHP Insight Control server deployment users of v7.1.2, v7.2.0, v7.2.1 should\ntake the following steps to remove this vulnerability. \n\nDelete the files smhamd64-*.exe/smhx86-*.exe\" from Component Copy Location\nlisted in the following table, rows 1 and 2. \nDelete the files \"vcax86-*.exe/vcaamd64-*.exe from Component Copy Location\nlisted in the following table, rows 3 and 4. \nDelete the files hpsmh-7.*.rpm\" from Component Copy Location listed in row 5. \nIn sequence, perform the steps from left to right in the following table. \nFirst, download components from Download Link; Second, rename the component\nas suggested in Rename to. Third, copy the component to the location\nspecified in Component Copy Location. \nTable Row Number\n Download Link\n Rename to\n Component Copy Location\n\n1\n http://www.hp.com/swpublishing/MTX-e8076c2a35804685ad65b2b1ba\n smhamd64-ccp023716.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2008\n\n2\n http://www.hp.com/swpublishing/MTX-3395d737d98f42149125b9bb05\n smhx86-cp023715.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2008\n\n3\n http://www.hp.com/swpublishing/MTX-8aefeaf490284a7691eca97d13\n vcax86-cp023742.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2008\n\n4\n http://www.hp.com/swpublishing/MTX-c0d32bac154a4d93839d8cd1f2\n vcaamd64-cp023743.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2008\n\n5\n http://www.hp.com/swpublishing/MTX-bd9a1cf60e344c549c4888db93\n Do not rename the downloaded component for this step. \n \\\\express\\hpfeatures\\hpagents-sles11-x64\\components\n\\\\express\\hpfeatures\\hpagents-sles10-x64\\components\n\\\\express\\hpfeatures\\hpagents-rhel5-x64\\components\n\\\\express\\hpfeatures\\hpagents-rhel6-x64\\components\n\nDownload and extract the HPSUM 5.3.6 component from\nftp://ftp.hp.com/pub/softlib2/software1/pubsw-windows/p750586112/v99793\n\nCopy all content from extracted ZIP folder and paste into\n\\\\eXpress\\hpfeatures\\fw-proLiant\\components\nInitiate Install HP Management Agents for SLES 11 x64 on targets running\nSLES11 x64. \nInitiate Install HP Management Agents for SLES 10 x64 on targets running\nSLES10 x64. \nInitiate Install HP Management Agents for RHEL 6 x64 on targets running RHEL\n6 x64. \nInitiate Install HP Management Agents for RHEL 5 x64 on targets running RHEL\n5 x64. \nInitiate Install HP Management Agents for Windows x86/x64 on targets running\nWindows. \n\nHP Insight Control server deployment users with v7.2.2:\n\nPlease upgrade to Insight Control server deployment v7.3.1 and follow the\nsteps below for v7.3.1. \n\nHP Insight Control server deployment users with v7.3.1:\n\nPerform steps 1 - 4 as outlined above for users with HP Insight Control\nserver deployment v7.1.2, v7.2.0, and v7.2.1. \nDownload the HP SUM ZIP file from\nhttp://www.hp.com/swpublishing/MTX-f6c141a7feeb4a358bbb28300f\n\nExtract the contents from the HP SUM ZIP file to\n\\\\eXpress\\hpfeatures\\fw-proLiant\\components location on the Insight Control\nserver deployment server\n\nRelated security bulletins:\n\nFor System Management Homepage please see Security bulletin HPSBMU03051 https\n://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c04\n345210\n\nFor HP Version Control Agent please see Security bulletin HPSBMU03057 https:/\n/h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c0434\n9897\n\nHISTORY\nVersion:1 (rev.1) - 8 August 2014 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2014 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. \n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n+--------------------------+\npatches/packages/openssl-1.0.1h-i486-1_slack14.1.txz: Upgraded. \n Multiple security issues have been corrected, including a possible\n man-in-the-middle attack where weak keying material is forced, denial\n of service, and the execution of arbitrary code. \n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated packages for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-0.9.8za-i486-1_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-solibs-0.9.8za-i486-1_slack13.0.txz\n\nUpdated packages for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-0.9.8za-x86_64-1_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-solibs-0.9.8za-x86_64-1_slack13.0.txz\n\nUpdated packages for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-0.9.8za-i486-1_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-solibs-0.9.8za-i486-1_slack13.1.txz\n\nUpdated packages for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-0.9.8za-x86_64-1_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-solibs-0.9.8za-x86_64-1_slack13.1.txz\n\nUpdated packages for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-0.9.8za-i486-1_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-solibs-0.9.8za-i486-1_slack13.37.txz\n\nUpdated packages for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-0.9.8za-x86_64-1_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-solibs-0.9.8za-x86_64-1_slack13.37.txz\n\nUpdated packages for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1h-i486-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1h-i486-1_slack14.0.txz\n\nUpdated packages for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1h-x86_64-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1h-x86_64-1_slack14.0.txz\n\nUpdated packages for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1h-i486-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1h-i486-1_slack14.1.txz\n\nUpdated packages for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1h-x86_64-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1h-x86_64-1_slack14.1.txz\n\nUpdated packages for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.1h-i486-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.1h-i486-1.txz\n\nUpdated packages for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.1h-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.1h-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 13.0 packages:\n634b8ecc8abc6d3f249b73d0fefa5959 openssl-0.9.8za-i486-1_slack13.0.txz\na2529f1243d42a3608f61b96236b5f60 openssl-solibs-0.9.8za-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 packages:\n2ddac651c5f2531f3a7f70d9f5823bd6 openssl-0.9.8za-x86_64-1_slack13.0.txz\nd7ffeb15713a587f642fbb3d5c310c75 openssl-solibs-0.9.8za-x86_64-1_slack13.0.txz\n\nSlackware 13.1 packages:\n0b84a6a1edf76cba83d4c52c54196baa openssl-0.9.8za-i486-1_slack13.1.txz\ndfd5d241b0e1703ae9d70d6ccda06179 openssl-solibs-0.9.8za-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 packages:\nbd749622577a5f76a59d90b95aa922fd openssl-0.9.8za-x86_64-1_slack13.1.txz\n35cf911dd9f0cc13f7f0056d9e1f4520 openssl-solibs-0.9.8za-x86_64-1_slack13.1.txz\n\nSlackware 13.37 packages:\n8f674defac9002c81265d284b1072f75 openssl-0.9.8za-i486-1_slack13.37.txz\n48ce79e7714cb0c823d2b6ea4a88ba51 openssl-solibs-0.9.8za-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 packages:\nefa09162c22782c15806bca99472c5be openssl-0.9.8za-x86_64-1_slack13.37.txz\n8e3b8d1e3d3a740bd274fbe38dc10f96 openssl-solibs-0.9.8za-x86_64-1_slack13.37.txz\n\nSlackware 14.0 packages:\n8e2698d19f54c7e0cac8f998df23b782 openssl-1.0.1h-i486-1_slack14.0.txz\ncf6233bc169cf6dd192bb7210f779fc1 openssl-solibs-1.0.1h-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 packages:\n2b4f0610d5e46fa7bb27a0b39f0d6d33 openssl-1.0.1h-x86_64-1_slack14.0.txz\n18fdd83dcf86204275508a689a017dea openssl-solibs-1.0.1h-x86_64-1_slack14.0.txz\n\nSlackware 14.1 packages:\n49aea7da42eef41da894f29762971863 openssl-1.0.1h-i486-1_slack14.1.txz\n6f19f4fdc3f018b4e821c519d7bb1e5c openssl-solibs-1.0.1h-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 packages:\nccf5ff2b107c665a4f3bf98176937749 openssl-1.0.1h-x86_64-1_slack14.1.txz\nea1aaba38c98b096186ca94ca541a793 openssl-solibs-1.0.1h-x86_64-1_slack14.1.txz\n\nSlackware -current packages:\ndb1ed7ded71ab503f567940fff39eb16 a/openssl-solibs-1.0.1h-i486-1.txz\n0db4f91f9b568b2b2629950e5ab88b22 n/openssl-1.0.1h-i486-1.txz\n\nSlackware x86_64 -current packages:\nd01aef33335bee27f36574241f54091f a/openssl-solibs-1.0.1h-x86_64-1.txz\n95a743d21c58f39573845d6ec5270656 n/openssl-1.0.1h-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the packages as root:\n# upgradepkg openssl-1.0.1h-i486-1_slack14.1.txz openssl-solibs-1.0.1h-i486-1_slack14.1.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address. \n\nHP Systems Insight Manager v7.3 Hotfix kit\nHP Systems Insight Manager v7.2 Hotfix kit (The HP Systems Insight Manager\nv7.2 Hotfix kit is currently unavailable, but will be released at a later\ndate. \n\nhttp://h18013.www1.hp.com/products/servers/management/hpsim/download.html\n\nNOTE: No reboot of the system is required after applying the HP SIM Hotfix\nkit",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-5298"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005667"
},
{
"db": "BID",
"id": "66801"
},
{
"db": "PACKETSTORM",
"id": "126930"
},
{
"db": "PACKETSTORM",
"id": "126481"
},
{
"db": "PACKETSTORM",
"id": "127042"
},
{
"db": "PACKETSTORM",
"id": "127265"
},
{
"db": "PACKETSTORM",
"id": "126961"
},
{
"db": "PACKETSTORM",
"id": "126228"
},
{
"db": "VULMON",
"id": "CVE-2010-5298"
},
{
"db": "PACKETSTORM",
"id": "131044"
},
{
"db": "PACKETSTORM",
"id": "130188"
},
{
"db": "PACKETSTORM",
"id": "127807"
},
{
"db": "PACKETSTORM",
"id": "126976"
},
{
"db": "PACKETSTORM",
"id": "127608"
},
{
"db": "PACKETSTORM",
"id": "127266"
},
{
"db": "PACKETSTORM",
"id": "127213"
},
{
"db": "PACKETSTORM",
"id": "127326"
}
],
"trust": 3.24
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2010-5298",
"trust": 4.2
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2014/04/13/1",
"trust": 2.5
},
{
"db": "JUNIPER",
"id": "JSA10629",
"trust": 2.0
},
{
"db": "BID",
"id": "66801",
"trust": 2.0
},
{
"db": "MCAFEE",
"id": "SB10075",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "59490",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59666",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59440",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59437",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58977",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59301",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59450",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59287",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59342",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59721",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59413",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58337",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59655",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58713",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59669",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59162",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58939",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59300",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59438",
"trust": 1.7
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005667",
"trust": 0.8
},
{
"db": "LENOVO",
"id": "LEN-24443",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201404-193",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03G",
"trust": 0.4
},
{
"db": "DLINK",
"id": "SAP10045",
"trust": 0.3
},
{
"db": "JUNIPER",
"id": "JSA10643",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-17-094-04",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03F",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03B",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03C",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03D",
"trust": 0.3
},
{
"db": "MCAFEE",
"id": "SB10071",
"trust": 0.3
},
{
"db": "VULMON",
"id": "CVE-2010-5298",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127213",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127266",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127608",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126976",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127807",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130188",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131044",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127326",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126228",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126961",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127265",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127042",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126481",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126930",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-5298"
},
{
"db": "BID",
"id": "66801"
},
{
"db": "PACKETSTORM",
"id": "127213"
},
{
"db": "PACKETSTORM",
"id": "127266"
},
{
"db": "PACKETSTORM",
"id": "127608"
},
{
"db": "PACKETSTORM",
"id": "126976"
},
{
"db": "PACKETSTORM",
"id": "127807"
},
{
"db": "PACKETSTORM",
"id": "130188"
},
{
"db": "PACKETSTORM",
"id": "131044"
},
{
"db": "PACKETSTORM",
"id": "127326"
},
{
"db": "PACKETSTORM",
"id": "126228"
},
{
"db": "PACKETSTORM",
"id": "126961"
},
{
"db": "PACKETSTORM",
"id": "127265"
},
{
"db": "PACKETSTORM",
"id": "127042"
},
{
"db": "PACKETSTORM",
"id": "126481"
},
{
"db": "PACKETSTORM",
"id": "126930"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-193"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005667"
},
{
"db": "NVD",
"id": "CVE-2010-5298"
}
]
},
"id": "VAR-201404-0008",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4232012882608696
},
"last_update_date": "2026-04-10T22:27:06.313000Z",
"patch": {
"_id": null,
"data": [
{
"title": "KB36051",
"trust": 0.8,
"url": "http://www.blackberry.com/btsc/KB36051"
},
{
"title": "cisco-sa-20140605-openssl",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl"
},
{
"title": "Contents of /head/security/openssl/files/patch-ssl-s3_pkt.c",
"trust": 0.8,
"url": "http://svnweb.freebsd.org/ports/head/security/openssl/files/patch-ssl-s3_pkt.c?revision=351191\u0026view=markup"
},
{
"title": "HIRT-PUB14010",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/hirt/publications/hirt-pub14010/index.html"
},
{
"title": "1676035",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676035"
},
{
"title": "1676062",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676062"
},
{
"title": "1676419",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676419"
},
{
"title": "1676655",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676655"
},
{
"title": "1677695",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677695"
},
{
"title": "1677828",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677828"
},
{
"title": "1678167",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678167"
},
{
"title": "1673137",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673137"
},
{
"title": "2079783",
"trust": 0.8,
"url": "http://kb.vmware.com/selfservice/microsites/search.do?language=en_US\u0026cmd=displayKC\u0026externalId=2079783"
},
{
"title": "SB10075",
"trust": 0.8,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10075"
},
{
"title": "004_openssl.patch.sig",
"trust": 0.8,
"url": "http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/004_openssl.patch.sig"
},
{
"title": "#2167: openssl-1.0.0-beta5 - fails if used from multiple threads and with",
"trust": 0.8,
"url": "https://rt.openssl.org/Ticket/Display.html?id=2167\u0026user=guest\u0026pass=guest"
},
{
"title": "SSL_MODE_RELEASE_BUFFERS session injection or denial of service (CVE-2010-5298)",
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20140605.txt"
},
{
"title": "Oracle Critical Patch Update Advisory - January 2015",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - January 2015 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html"
},
{
"title": "Oracle Critical Patch Update Advisory - July 2014",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - July 2014 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014verbose-1972958.html"
},
{
"title": "SA80",
"trust": 0.8,
"url": "https://kb.bluecoat.com/index?page=content\u0026id=SA80"
},
{
"title": "Huawei-SA-20140613-OpenSSL",
"trust": 0.8,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm"
},
{
"title": "January 2015 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/january_2015_critical_patch_update"
},
{
"title": "CVE-2010-5298 Race Conditions vulnerability in OpenSSL",
"trust": 0.8,
"url": "https://blogs.oracle.com/sunsecurity/entry/cve_2010_5298_race_conditions"
},
{
"title": "VMSA-2014-0006",
"trust": 0.8,
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0006.html"
},
{
"title": "OpenSSL\u306e\u8106\u5f31\u6027(CVE-2014-0224\u4ed6)\u306b\u3088\u308b\u30c6\u30fc\u30d7\u30e9\u30a4\u30d6\u30e9\u30ea\u88c5\u7f6e\u3078\u306e\u5f71\u97ff\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/products/it/server/security/info/vulnerable/openssl_cve20140224_tape_library.html"
},
{
"title": "cisco-sa-20140605-openssl",
"trust": 0.8,
"url": "http://www.cisco.com/cisco/web/support/JP/112/1122/1122700_cisco-sa-20140605-openssl-j.html"
},
{
"title": "008_openssl",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=49298"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2014/07/10/fireeye_patches_os_torpedo_exploitdb_disclosure/"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2192-1"
},
{
"title": "Debian Security Advisories: DSA-2908-1 openssl -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=438bf64e25a46a5ac11098b5720d1bb6"
},
{
"title": "Debian CVElist Bug Report Logs: openssl: CVE-2014-0198 Null pointer dereference bug in OpenSSL 1.0.1g and earlier",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=94b6140bb563b66b3bcd98992e854bf3"
},
{
"title": "Debian CVElist Bug Report Logs: openssl: CVE-2014-0076",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=1fc1fc75c3cab4aa04eb437a09a1da4f"
},
{
"title": "Debian CVElist Bug Report Logs: openssl: CVE-2014-0224, CVE-2014-0221, CVE-2014-0195, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=07d14df4883f21063a053cea8d2239c6"
},
{
"title": "Amazon Linux AMI: ALAS-2014-349",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2014-349"
},
{
"title": "Citrix Security Bulletins: Citrix Security Advisory for OpenSSL Vulnerabilities (June 2014)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=afbd3a710e98424e558b1b21482abad6"
},
{
"title": "Debian CVElist Bug Report Logs: virtualbox: CVE-2014-6588 CVE-2014-6589 CVE-2014-6590 CVE-2014-6595 CVE-2015-0418 CVE-2015-0427",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=eee4d8c3e2b11de5b15ee65d96af6c60"
},
{
"title": "Symantec Security Advisories: SA80 : OpenSSL Security Advisory 05-Jun-2014",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=dd4667746d163d08265dfdd4c98e4201"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4a692d6d60aa31507cb101702b494c51"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/hrbrmstr/internetdb "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-5298"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-193"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005667"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-362",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-005667"
},
{
"db": "NVD",
"id": "CVE-2010-5298"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.5,
"url": "http://openwall.com/lists/oss-security/2014/04/13/1"
},
{
"trust": 2.2,
"url": "http://www.openssl.org/news/secadv_20140605.txt"
},
{
"trust": 2.0,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20140605-openssl"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676035"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677695"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676655"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677828"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676062"
},
{
"trust": 2.0,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10075"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676419"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678167"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673137"
},
{
"trust": 2.0,
"url": "http://www.fortiguard.com/advisory/fg-ir-14-018/"
},
{
"trust": 2.0,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095757"
},
{
"trust": 2.0,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095756"
},
{
"trust": 2.0,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095755"
},
{
"trust": 2.0,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095754"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683332"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677836"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676879"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676529"
},
{
"trust": 2.0,
"url": "http://support.citrix.com/article/ctx140876"
},
{
"trust": 1.7,
"url": "http://svnweb.freebsd.org/ports/head/security/openssl/files/patch-ssl-s3_pkt.c?revision=351191\u0026view=markup"
},
{
"trust": 1.7,
"url": "http://ftp.openbsd.org/pub/openbsd/patches/5.5/common/004_openssl.patch.sig"
},
{
"trust": 1.7,
"url": "http://www.tedunangst.com/flak/post/analysis-of-openssl-freelist-reuse"
},
{
"trust": 1.7,
"url": "https://rt.openssl.org/ticket/display.html?id=3265\u0026user=guest\u0026pass=guest"
},
{
"trust": 1.7,
"url": "http://www.openbsd.org/errata55.html#004_openssl"
},
{
"trust": 1.7,
"url": "https://rt.openssl.org/ticket/display.html?id=2167\u0026user=guest\u0026pass=guest"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/66801"
},
{
"trust": 1.7,
"url": "https://kb.bluecoat.com/index?page=content\u0026id=sa80"
},
{
"trust": 1.7,
"url": "http://www.blackberry.com/btsc/kb36051"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59438"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59301"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59450"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59721"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59655"
},
{
"trust": 1.7,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59162"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58939"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59666"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59490"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677527"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59669"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59413"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59300"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59342"
},
{
"trust": 1.7,
"url": "http://www.vmware.com/security/advisories/vmsa-2014-0012.html"
},
{
"trust": 1.7,
"url": "http://seclists.org/fulldisclosure/2014/dec/23"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:062"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140431828824371\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=141658880509699\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140448122410568\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140621259019789\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140544599631400\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140389274407904\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140904544427729\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140389355508263\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140752315422991\u0026w=2"
},
{
"trust": 1.7,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05301946"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html"
},
{
"trust": 1.7,
"url": "https://www.novell.com/support/kb/doc.php?id=7015271"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676889"
},
{
"trust": 1.7,
"url": "http://www.vmware.com/security/advisories/vmsa-2014-0006.html"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2014:090"
},
{
"trust": 1.7,
"url": "http://www.ibm.com/support/docview.wss?uid=swg24037783"
},
{
"trust": 1.7,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21676356"
},
{
"trust": 1.7,
"url": "http://security.gentoo.org/glsa/glsa-201407-05.xml"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59440"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59437"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59287"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58977"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58713"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58337"
},
{
"trust": 1.7,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-august/136473.html"
},
{
"trust": 1.7,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-august/136470.html"
},
{
"trust": 1.7,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=kb29195"
},
{
"trust": 1.7,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10629"
},
{
"trust": 1.7,
"url": "http://advisories.mageia.org/mgasa-2014-0187.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-5298"
},
{
"trust": 1.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0198"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03"
},
{
"trust": 1.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0224"
},
{
"trust": 1.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0221"
},
{
"trust": 1.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3470"
},
{
"trust": 1.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0195"
},
{
"trust": 1.0,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-5298"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0076"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-5298"
},
{
"trust": 0.6,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.6,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.6,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/en/solutions/len-24443"
},
{
"trust": 0.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03g"
},
{
"trust": 0.3,
"url": "http://securityadvisories.dlink.com/security/publication.aspx?name=sap10045"
},
{
"trust": 0.3,
"url": "http://seclists.org/oss-sec/2014/q2/102"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10629\u0026cat=sirt_1\u0026actp=list\u0026showdraft=false"
},
{
"trust": 0.3,
"url": "http://blogs.citrix.com/2014/06/06/citrix-security-advisory-for-openssl-vulnerabilities-june-2014/"
},
{
"trust": 0.3,
"url": "https://blogs.oracle.com/sunsecurity/entry/cve_2010_5298_race_conditions"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2014/aug/att-93/esa-2014-079.txt"
},
{
"trust": 0.3,
"url": "http://www.freebsd.org/security/advisories/freebsd-sa-14:09.openssl.asc"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10643\u0026cat=sirt_1\u0026actp=list"
},
{
"trust": 0.3,
"url": "http://www.openssl.org"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100181245"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21686583"
},
{
"trust": 0.3,
"url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15328.html"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100181099"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100180978"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03d"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-094-04"
},
{
"trust": 0.3,
"url": "http://btsc.webapps.blackberry.com/btsc/viewdocument.do;jsessionid=98ec479ee69ccb916d2ea4b09943faf5?nocount=true\u0026externalid=kb36051\u0026sliceid=1\u0026cmd=\u0026forward=nonthreadedkc\u0026command=show\u0026kcid=kb36051\u0026viewe"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04355095"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04368264"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04347622"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04345210"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349175"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349789"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349897"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04378799"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04379485"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05301946"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678356"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095940"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004830"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21676889"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676041"
},
{
"trust": 0.3,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10071"
},
{
"trust": 0.3,
"url": "https://www.xerox.com/download/security/security-bulletin/29a7e-50e49f9c009f9/cert_security_mini_bulletin_xrx14g_for_77xx_v1.1.pdf"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=nas8n1020200"
},
{
"trust": 0.3,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory8.asc"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676356"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0625.html"
},
{
"trust": 0.3,
"url": "http://forums.alienvault.com/discussion/3054/security-advisory-alienvault-v4-10-0-addresses-several-vulnerabilities"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-345106.htm"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1021009"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678104"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682025"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21690128"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=ssg1s1004695"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03b"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03c"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03f"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1020976"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1020952"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1007987"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10629\u0026cat=sirt_1\u0026actp=list"
},
{
"trust": 0.2,
"url": "http://www.hp.com/swpublishing/mtx-bd9a1cf60e344c549c4888db93"
},
{
"trust": 0.2,
"url": "http://www.hp.com/swpublishing/mtx-3395d737d98f42149125b9bb05"
},
{
"trust": 0.2,
"url": "http://www.hp.com/swpublishing/mtx-e8076c2a35804685ad65b2b1ba"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0224"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0195"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3470"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0221"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0198"
},
{
"trust": 0.2,
"url": "http://www.hp.com/swpublishing/mtx-c0d32bac154a4d93839d8cd1f2"
},
{
"trust": 0.2,
"url": "http://www.hp.com/swpublishing/mtx-8aefeaf490284a7691eca97d13"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0224.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/site/articles/11258"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0198.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/site/articles/904433"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2010-5298.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2014-3470.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0221.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0195.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/362.html"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2010-5298"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=33860"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2192-1/"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-511c3e0b2f6f4f6bbc796fc619"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-3a7aa5e233904ebe847a5e1555"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-d775367b0a28449ca05660778b"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-2c54f23c6dbc4d598e86fdef95"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-4480df0f6d544779b0143f5c3b"
},
{
"trust": 0.1,
"url": "http://h18013.www1.hp.com/products/servers/management/hpsim/download.html"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_n"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_"
},
{
"trust": 0.1,
"url": "http://h17007.www1.hp.com/us/en/enterprise/servers/solutions/info-library/ind"
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_n"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-f6c141a7feeb4a358bbb28300f"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1796"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-6549"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0064"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1774"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1899"
},
{
"trust": 0.1,
"url": "http://web.nvd.nist.gov/view/vuln/search"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1798"
},
{
"trust": 0.1,
"url": "https://support.emc.com/products/28224_unisphere-central"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0160"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2137"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0311"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1792"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0914"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0349"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0020"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1848"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0268"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov)"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0216"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1767"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3389"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1860"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-6085"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0231"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5885"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0913"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1797"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-5107"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/home.cfm."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-6548"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1772"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0289"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0288"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0287"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0209"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0160"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3571"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3566"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0287"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0160"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0286"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3513"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8275"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3572"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0209"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0289"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3513"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0204"
},
{
"trust": 0.1,
"url": "http://openssl.org/news/secadv_20150319.txt"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3570"
},
{
"trust": 0.1,
"url": "http://openssl.org/news/secadv_20150108.txt"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0204"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/advisories/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3571"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0076"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0288"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0206"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0205"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0293"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3570"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0205"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8275"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3572"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3569"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0286"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3569"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0293"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3566"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0206"
},
{
"trust": 0.1,
"url": "http://h17007.www1.hp.com/us/en/enterprise/servers/products/service_pack/hpsu"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-8208c3987b1b4a5093f3e8fcc3"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/site/solutions/905793"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0679.html"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.13"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1e-3ubuntu1.3"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1c-3ubuntu2.8"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-2192-1"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/site/solutions/906703"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0628.html"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-5298"
},
{
"db": "BID",
"id": "66801"
},
{
"db": "PACKETSTORM",
"id": "127213"
},
{
"db": "PACKETSTORM",
"id": "127266"
},
{
"db": "PACKETSTORM",
"id": "127608"
},
{
"db": "PACKETSTORM",
"id": "126976"
},
{
"db": "PACKETSTORM",
"id": "127807"
},
{
"db": "PACKETSTORM",
"id": "130188"
},
{
"db": "PACKETSTORM",
"id": "131044"
},
{
"db": "PACKETSTORM",
"id": "127326"
},
{
"db": "PACKETSTORM",
"id": "126228"
},
{
"db": "PACKETSTORM",
"id": "126961"
},
{
"db": "PACKETSTORM",
"id": "127265"
},
{
"db": "PACKETSTORM",
"id": "127042"
},
{
"db": "PACKETSTORM",
"id": "126481"
},
{
"db": "PACKETSTORM",
"id": "126930"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-193"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005667"
},
{
"db": "NVD",
"id": "CVE-2010-5298"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULMON",
"id": "CVE-2010-5298",
"ident": null
},
{
"db": "BID",
"id": "66801",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "127213",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "127266",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "127608",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "126976",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "127807",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "130188",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "131044",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "127326",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "126228",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "126961",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "127265",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "127042",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "126481",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "126930",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201404-193",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005667",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2010-5298",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2014-04-14T00:00:00",
"db": "VULMON",
"id": "CVE-2010-5298",
"ident": null
},
{
"date": "2014-04-13T00:00:00",
"db": "BID",
"id": "66801",
"ident": null
},
{
"date": "2014-06-25T21:32:38",
"db": "PACKETSTORM",
"id": "127213",
"ident": null
},
{
"date": "2014-06-27T18:43:56",
"db": "PACKETSTORM",
"id": "127266",
"ident": null
},
{
"date": "2014-07-24T23:48:05",
"db": "PACKETSTORM",
"id": "127608",
"ident": null
},
{
"date": "2014-06-06T23:46:36",
"db": "PACKETSTORM",
"id": "126976",
"ident": null
},
{
"date": "2014-08-08T21:53:16",
"db": "PACKETSTORM",
"id": "127807",
"ident": null
},
{
"date": "2015-01-30T22:43:20",
"db": "PACKETSTORM",
"id": "130188",
"ident": null
},
{
"date": "2015-03-27T20:42:44",
"db": "PACKETSTORM",
"id": "131044",
"ident": null
},
{
"date": "2014-07-02T21:43:37",
"db": "PACKETSTORM",
"id": "127326",
"ident": null
},
{
"date": "2014-04-21T19:46:40",
"db": "PACKETSTORM",
"id": "126228",
"ident": null
},
{
"date": "2014-06-05T21:13:52",
"db": "PACKETSTORM",
"id": "126961",
"ident": null
},
{
"date": "2014-06-27T18:43:23",
"db": "PACKETSTORM",
"id": "127265",
"ident": null
},
{
"date": "2014-06-11T00:10:53",
"db": "PACKETSTORM",
"id": "127042",
"ident": null
},
{
"date": "2014-05-05T17:16:01",
"db": "PACKETSTORM",
"id": "126481",
"ident": null
},
{
"date": "2014-06-05T15:19:35",
"db": "PACKETSTORM",
"id": "126930",
"ident": null
},
{
"date": "2014-04-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201404-193",
"ident": null
},
{
"date": "2014-04-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-005667",
"ident": null
},
{
"date": "2014-04-14T22:38:08.590000",
"db": "NVD",
"id": "CVE-2010-5298",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2022-08-29T00:00:00",
"db": "VULMON",
"id": "CVE-2010-5298",
"ident": null
},
{
"date": "2017-05-23T16:24:00",
"db": "BID",
"id": "66801",
"ident": null
},
{
"date": "2022-08-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201404-193",
"ident": null
},
{
"date": "2015-12-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-005667",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2010-5298",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "126481"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-193"
}
],
"trust": 0.7
},
"title": {
"_id": null,
"data": "OpenSSL of s3_pkt.c of ssl3_read_bytes Vulnerability in inserting data between sessions in a function",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-005667"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "competition condition problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201404-193"
}
],
"trust": 0.6
}
}
VAR-201410-0371
Vulnerability from variot - Updated: 2026-04-10 22:25Memory leak in d1_srtp.c in the DTLS SRTP extension in OpenSSL 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted handshake message. OpenSSL is prone to a security-bypass vulnerability. Successfully exploiting this issue will allow attackers to bypass security restrictions and perform unauthorized actions. This could be exploited in a Denial Of Service attack. This issue affects OpenSSL 1.0.1 server implementations for both SSL/TLS and DTLS regardless of whether SRTP is used or configured. Implementations of OpenSSL that have been compiled with OPENSSL_NO_SRTP defined are not affected.
OpenSSL 1.0.1 users should upgrade to 1.0.1j.
This issue was reported to OpenSSL on 26th September 2014, based on an original issue and patch developed by the LibreSSL project. Further analysis of the issue was performed by the OpenSSL team.
The fix was developed by the OpenSSL team.
Session Ticket Memory Leak (CVE-2014-3567)
Severity: Medium
When an OpenSSL SSL/TLS/DTLS server receives a session ticket the integrity of that ticket is first verified. In the event of a session ticket integrity check failing, OpenSSL will fail to free memory causing a memory leak. By sending a large number of invalid session tickets an attacker could exploit this issue in a Denial Of Service attack.
OpenSSL 1.0.1 users should upgrade to 1.0.1j. OpenSSL 1.0.0 users should upgrade to 1.0.0o. OpenSSL 0.9.8 users should upgrade to 0.9.8zc.
This issue was reported to OpenSSL on 8th October 2014.
The fix was developed by Stephen Henson of the OpenSSL core team.
SSL 3.0 Fallback protection
Severity: Medium
OpenSSL has added support for TLS_FALLBACK_SCSV to allow applications to block the ability for a MITM attacker to force a protocol downgrade.
Some client applications (such as browsers) will reconnect using a downgraded protocol to work around interoperability bugs in older servers. This could be exploited by an active man-in-the-middle to downgrade connections to SSL 3.0 even if both sides of the connection support higher protocols. SSL 3.0 contains a number of weaknesses including POODLE (CVE-2014-3566).
OpenSSL 1.0.1 users should upgrade to 1.0.1j. OpenSSL 1.0.0 users should upgrade to 1.0.0o. OpenSSL 0.9.8 users should upgrade to 0.9.8zc.
https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00 https://www.openssl.org/~bodo/ssl-poodle.pdf
Support for TLS_FALLBACK_SCSV was developed by Adam Langley and Bodo Moeller.
Build option no-ssl3 is incomplete (CVE-2014-3568)
Severity: Low
When OpenSSL is configured with "no-ssl3" as a build option, servers could accept and complete a SSL 3.0 handshake, and clients could be configured to send them.
OpenSSL 1.0.1 users should upgrade to 1.0.1j. OpenSSL 1.0.0 users should upgrade to 1.0.0o. OpenSSL 0.9.8 users should upgrade to 0.9.8zc.
This issue was reported to OpenSSL by Akamai Technologies on 14th October 2014.
The fix was developed by Akamai and the OpenSSL team.
References
URL for this Security Advisory: https://www.openssl.org/news/secadv_20141015.txt
Note: the online version of the advisory may be updated with additional details over time.
For details of OpenSSL severity classifications please see: https://www.openssl.org/about/secpolicy.html
. HP BladeSystem c-Class Onboard Administrator (OA) 4.30 and earlier.
Go to http://www.hp.com/go/oa
Select "Onboard Administrator Firmware" Select product name as ""HP BLc3000 Onboard Administrator Option" or "HP BLc7000 Onboard Administrator Option" Select the operating system from the list of choices Select Firmware version 4.40 for download Refer to the HP BladeSystem Onboard Administrator User Guide for steps to update the Onboard Administrator firmware.
Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/openssl-solibs-1.0.1j-i486-1_slack14.1.txz: Upgraded. ( Security fix ) patches/packages/openssl-1.0.1j-i486-1_slack14.1.txz: Upgraded. For more information, see: https://www.openssl.org/news/secadv_20141015.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568 ( Security fix ) +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated packages for Slackware 13.0: ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-0.9.8zc-i486-1_slack13.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-solibs-0.9.8zc-i486-1_slack13.0.txz
Updated packages for Slackware x86_64 13.0: ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-0.9.8zc-x86_64-1_slack13.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-solibs-0.9.8zc-x86_64-1_slack13.0.txz
Updated packages for Slackware 13.1: ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-0.9.8zc-i486-1_slack13.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-solibs-0.9.8zc-i486-1_slack13.1.txz
Updated packages for Slackware x86_64 13.1: ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-0.9.8zc-x86_64-1_slack13.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-solibs-0.9.8zc-x86_64-1_slack13.1.txz
Updated packages for Slackware 13.37: ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-0.9.8zc-i486-1_slack13.37.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-solibs-0.9.8zc-i486-1_slack13.37.txz
Updated packages for Slackware x86_64 13.37: ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-0.9.8zc-x86_64-1_slack13.37.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-solibs-0.9.8zc-x86_64-1_slack13.37.txz
Updated packages for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1j-i486-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1j-i486-1_slack14.0.txz
Updated packages for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1j-x86_64-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1j-x86_64-1_slack14.0.txz
Updated packages for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1j-i486-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1j-i486-1_slack14.1.txz
Updated packages for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1j-x86_64-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1j-x86_64-1_slack14.1.txz
Updated packages for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.1j-i486-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.1j-i486-1.txz
Updated packages for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.1j-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.1j-x86_64-1.txz
MD5 signatures: +-------------+
Slackware 13.0 packages: 44d336a121b39296f0e6bbeeb283dd2b openssl-0.9.8zc-i486-1_slack13.0.txz 8342cfb351e59ecf5ea6d8cba66f0040 openssl-solibs-0.9.8zc-i486-1_slack13.0.txz
Slackware x86_64 13.0 packages: 671f12535bdc10ab24388b713351aca2 openssl-0.9.8zc-x86_64-1_slack13.0.txz 21e380284cdfab2fd15fffe2e0aed526 openssl-solibs-0.9.8zc-x86_64-1_slack13.0.txz
Slackware 13.1 packages: 64cb819f1e07522bd5d7ceedd0a9ab50 openssl-0.9.8zc-i486-1_slack13.1.txz 5fe4e385b2251cfd7e8ae5963ec6cef1 openssl-solibs-0.9.8zc-i486-1_slack13.1.txz
Slackware x86_64 13.1 packages: 94feb6699d6f2cc7750a6b2e17ccaaa2 openssl-0.9.8zc-x86_64-1_slack13.1.txz 2c17e4286509c29074ab0168367b851e openssl-solibs-0.9.8zc-x86_64-1_slack13.1.txz
Slackware 13.37 packages: 4483d91c776c7e23c59246c4e0aa24aa openssl-0.9.8zc-i486-1_slack13.37.txz fedd58eb19bc13c9dd88d947827a7370 openssl-solibs-0.9.8zc-i486-1_slack13.37.txz
Slackware x86_64 13.37 packages: 5d48ac1e9339efc35e304c7d48b2e762 openssl-0.9.8zc-x86_64-1_slack13.37.txz 6f5e2b576259477c13f12cbed9be8804 openssl-solibs-0.9.8zc-x86_64-1_slack13.37.txz
Slackware 14.0 packages: 2b678160283bc696565dc8bd8b28c0eb openssl-1.0.1j-i486-1_slack14.0.txz f7762615c990713e9e86d4da962f1022 openssl-solibs-1.0.1j-i486-1_slack14.0.txz
Slackware x86_64 14.0 packages: 41010ca37d49b74e7d7dc3f1c6ddc57e openssl-1.0.1j-x86_64-1_slack14.0.txz 40dc6f3de217279d6140c1efcc0d45c8 openssl-solibs-1.0.1j-x86_64-1_slack14.0.txz
Slackware 14.1 packages: 024ecea55e22e47f9fbb4b81a7b72a51 openssl-1.0.1j-i486-1_slack14.1.txz 0a575668bb41ec4c2160800611f7f627 openssl-solibs-1.0.1j-i486-1_slack14.1.txz
Slackware x86_64 14.1 packages: d07fe289f7998a584c2b0d9810a8b9aa openssl-1.0.1j-x86_64-1_slack14.1.txz 1ffc5d0c02b0c60cefa5cf9189bfc71d openssl-solibs-1.0.1j-x86_64-1_slack14.1.txz
Slackware -current packages: 53c9f51a79460bbfc5dec5720317cd53 a/openssl-solibs-1.0.1j-i486-1.txz cc059aa63494f3b005a886c70bc3f5d6 n/openssl-1.0.1j-i486-1.txz
Slackware x86_64 -current packages: 500709555e652adcd84b4e02dfab4eeb a/openssl-solibs-1.0.1j-x86_64-1.txz c483ca9c450fa90a901ac013276ccc53 n/openssl-1.0.1j-x86_64-1.txz
Installation instructions: +------------------------+
Upgrade the packages as root:
upgradepkg openssl-1.0.1j-i486-1_slack14.1.txz openssl-solibs-1.0.1j-i486-1_slack14.1.txz
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04540692
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04540692 Version: 1
HPSBGN03233 rev.1 - HP OneView running OpenSSL, Remote Denial of Service (DoS), Unauthorized Access, and Disclosure of Information
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2015-01-13 Last Updated: 2015-01-13
Potential Security Impact: Remote Denial of Service (DoS), unauthorized access, disclosure of information
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP OneView running OpenSSL and Bash Shell. These vulnerabilities (POODLE and Shellshock) could be exploited remotely to create a Denial of Service (DoS), allow unauthorized access, or disclose information.
References:
CVE-2014-3513 CVE-2014-3566 CVE-2014-3567 CVE-2014-6271 CVE-2014-6277 CVE-2014-6278 CVE-2014-7169 CVE-2014-7186 CVE-2014-7187 SSRT101739 SSRT101868
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP OneView versions prior to 1.20
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2014-3513 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1 CVE-2014-3566 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2014-3567 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1 CVE-2014-6271 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2014-6277 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2014-6278 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2014-7169 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2014-7186 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2014-7187 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has released the following software update to resolve the vulnerabilities in HP OneView.
Existing users may upgrade to HP OneView version 1.20 using the Update Appliance feature in HP OneView.
HP OneView version 1.20 is available from the following location:
https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber =Z7550-63180
Note: The upgrade (.bin) or a new install (.ova) is also available:
An HP Passport login is required.
Go to the HP Software Depot site at http://www.software.hp.com and search for HP OneView.
HISTORY Version:1 (rev.1) - 13 January 2015 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: openssl security update Advisory ID: RHSA-2014:1692-01 Product: Red Hat Storage Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1692.html Issue date: 2014-10-22 CVE Names: CVE-2014-3513 CVE-2014-3567 =====================================================================
- Summary:
Updated openssl packages that contain a backported patch to mitigate the CVE-2014-3566 issue and fix two security issues are now available for Red Hat Storage 2.1.
Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Storage Server 2.1 - x86_64
- Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL), Transport Layer Security (TLS), and Datagram Transport Layer Security (DTLS) protocols, as well as a full-strength, general purpose cryptography library.
This update adds support for the TLS Fallback Signaling Cipher Suite Value (TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade attacks against applications which re-connect using a lower SSL/TLS protocol version when the initial connection indicating the highest supported protocol version fails.
This can prevent a forceful downgrade of the communication to SSL 3.0. The SSL 3.0 protocol was found to be vulnerable to the padding oracle attack when using block cipher suites in cipher block chaining (CBC) mode. This issue is identified as CVE-2014-3566, and also known under the alias POODLE. This SSL 3.0 protocol flaw will not be addressed in a future update; it is recommended that users configure their applications to require at least TLS protocol version 1.0 for secure communication.
For additional information about this flaw, see the Knowledgebase article at https://access.redhat.com/articles/1232123
A memory leak flaw was found in the way OpenSSL parsed the DTLS Secure Real-time Transport Protocol (SRTP) extension data. (CVE-2014-3567)
All OpenSSL users are advised to upgrade to these updated packages, which contain backported patches to mitigate the CVE-2014-3566 issue and correct the CVE-2014-3513 and CVE-2014-3567 issues. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258
- Package List:
Red Hat Storage Server 2.1:
Source: openssl-1.0.1e-30.el6_6.2.src.rpm
x86_64: openssl-1.0.1e-30.el6_6.2.x86_64.rpm openssl-debuginfo-1.0.1e-30.el6_6.2.x86_64.rpm openssl-devel-1.0.1e-30.el6_6.2.x86_64.rpm openssl-perl-1.0.1e-30.el6_6.2.x86_64.rpm openssl-static-1.0.1e-30.el6_6.2.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2014-3513 https://access.redhat.com/security/cve/CVE-2014-3567 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/articles/1232123
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFUR/NUXlSAg2UNWIIRAlZHAJwPwsoiJDn5RhI6U8eFkIzxyQopkQCePynp RpfQCptdJIpd6WXO7pw1vVo= =T20t -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1e"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1g"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1f"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1h"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1a"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1d"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1i"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1c"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1b"
},
{
"_id": null,
"model": "bladecenter advanced management module 3.66n",
"scope": "ne",
"trust": 0.9,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "bladecenter advanced management module 3.66k",
"scope": null,
"trust": 0.9,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "global console manager",
"scope": "ne",
"trust": 0.6,
"vendor": "ibm",
"version": "1.26.1.23978"
},
{
"_id": null,
"model": "global console manager",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "1.4.2.15036"
},
{
"_id": null,
"model": "global console manager",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "1.20.20.23447"
},
{
"_id": null,
"model": "project openssl 1.0.0a",
"scope": null,
"trust": 0.6,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "local console manager",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "1.2.39.0"
},
{
"_id": null,
"model": "local console manager",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "1.2.27.00"
},
{
"_id": null,
"model": "local console manager",
"scope": "ne",
"trust": 0.6,
"vendor": "ibm",
"version": "1.2.40.00"
},
{
"_id": null,
"model": "cognos controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"_id": null,
"model": "rational software architect realtime edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "bladecenter advanced management module 25r5778",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "q",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "16200"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "bladecenter -s",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1948"
},
{
"_id": null,
"model": "flex system fc3171 8gb san pass-thru",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "k",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "upward integration modules scvmm add-in",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"_id": null,
"model": "project openssl 0.9.8f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "58200"
},
{
"_id": null,
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "switch series r1809p03",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5820"
},
{
"_id": null,
"model": "project openssl 1.0.0d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "cloudsystem matrix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "project openssl 1.0.1e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "vcenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.1"
},
{
"_id": null,
"model": "insight control",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "msr4000",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.1.0"
},
{
"_id": null,
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "aspera shares",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "1.7.5"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"_id": null,
"model": "mcp r3303p18",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6600"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.0.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "msr3000 r0106p18",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.0"
},
{
"_id": null,
"model": "project openssl 1.0.0g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "sle client tools",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "tivoli netcool/reporter",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "850/8700"
},
{
"_id": null,
"model": "insight control server provisioning",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"_id": null,
"model": "r5203p11",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "3100v2"
},
{
"_id": null,
"model": "f5000-s",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "msr1000 r2513p33",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.1"
},
{
"_id": null,
"model": "netscaler t1",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "project openssl 0.9.8zb",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "esxi",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.1"
},
{
"_id": null,
"model": "msr9xx",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "j",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "58300"
},
{
"_id": null,
"model": "project openssl 1.0.1j",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"_id": null,
"model": "tivoli dynamic workload console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0.0"
},
{
"_id": null,
"model": "wb",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.3"
},
{
"_id": null,
"model": "image construction and composition tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.1.0"
},
{
"_id": null,
"model": "n",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "project openssl 1.0.0o",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "pa",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "aspera",
"scope": "ne",
"trust": 0.3,
"vendor": "asperasoft",
"version": "3.5.2"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "m210",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "vsr1000",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "r15xx",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "19100"
},
{
"_id": null,
"model": "project openssl 0.9.8w",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gv200",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5.2"
},
{
"_id": null,
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "119000"
},
{
"_id": null,
"model": "flex system fc3171 8gb san switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.4"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.1.0"
},
{
"_id": null,
"model": "switch series r5319p10",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "3610"
},
{
"_id": null,
"model": "project openssl 1.0.0m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"_id": null,
"model": "msr1000 russian version r2513l40.ru",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "rational application developer for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "project openssl 1.0.1g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"_id": null,
"model": "project openssl 0.9.8m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "f5000-c",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "rational application developer for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "security virtual server protection for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "tivoli dynamic workload console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "command center appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "aspera shares",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "1.0.1"
},
{
"_id": null,
"model": "bladecenter -t",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8720"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.3.23"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.0.2"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.4.2.1"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.4"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "a6600",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "netscaler gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "project openssl 1.0.1i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "r1828p06",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "12500"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.2"
},
{
"_id": null,
"model": "r2122",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7900"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0"
},
{
"_id": null,
"model": "project openssl 1.0.0h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.1.1"
},
{
"_id": null,
"model": "u200s and cs f5123p30",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.0.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gv200",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.3"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1"
},
{
"_id": null,
"model": "bladecenter -s",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8886"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"_id": null,
"model": "office connect ps1810",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "qradar siem mr2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "aura communication manager ssp04",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.2"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.7"
},
{
"_id": null,
"model": "project openssl 0.9.8r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "ex series network switches for ibm products pre 12.3r9",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "tivoli dynamic workload console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "f1000-a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "aspera faspex",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "3.0.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "hsr6602 r3303p18",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "m.10",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.3"
},
{
"_id": null,
"model": "project openssl 0.9.8n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "a6600 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "virtual connect enterprise manager sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "79000"
},
{
"_id": null,
"model": "aspera proxy",
"scope": "ne",
"trust": 0.3,
"vendor": "asperasoft",
"version": "1.2.3"
},
{
"_id": null,
"model": "si switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "51200"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gv200",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "cloudsystem matrix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "f1000-s",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "project openssl 0.9.8y",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3100v2-480"
},
{
"_id": null,
"model": "aspera mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "0"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2"
},
{
"_id": null,
"model": "msr93x",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.3"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.1"
},
{
"_id": null,
"model": "project openssl beta4",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "h.10",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "r1104",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "1620"
},
{
"_id": null,
"model": "upward integration modules hardware management pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.2"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"_id": null,
"model": "u200s and cs",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "netscaler application delivery controller",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "project openssl 1.0.0l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "vcenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0"
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.20"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "upward integration modules integrated installer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.2"
},
{
"_id": null,
"model": "general parallel file system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.0"
},
{
"_id": null,
"model": "project openssl beta5",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0"
},
{
"_id": null,
"model": "bladecenter -e",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7967"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.1"
},
{
"_id": null,
"model": "aspera drive",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "0"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.4.1.1"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.0"
},
{
"_id": null,
"model": "russian version r3303p18",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6602"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.3"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.4"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4"
},
{
"_id": null,
"model": "f1000-e",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.3"
},
{
"_id": null,
"model": "project openssl 0.9.8p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2.0"
},
{
"_id": null,
"model": "bladecenter -h",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8852"
},
{
"_id": null,
"model": "12500(comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "v7)0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "g switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "48000"
},
{
"_id": null,
"model": "bladecenter -ht",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8750"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "vcx",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "57000"
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.5.0"
},
{
"_id": null,
"model": "esxi",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0"
},
{
"_id": null,
"model": "aspera console",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "2.3.1"
},
{
"_id": null,
"model": "msr50-g2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.0.1"
},
{
"_id": null,
"model": "insight control",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "systems director common agent for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.5"
},
{
"_id": null,
"model": "r",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.0.1"
},
{
"_id": null,
"model": "esxi esxi550-20150110",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"_id": null,
"model": "ei switch series r2221p08",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5500"
},
{
"_id": null,
"model": "kb",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "msr30",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.8.0"
},
{
"_id": null,
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "129000"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.3"
},
{
"_id": null,
"model": "msr1000",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "msr30 russian version 2513l40.ru",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "i.10",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0"
},
{
"_id": null,
"model": "cloudsystem matrix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "project openssl 0.9.8za",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "m.08",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "project openssl 0.9.8m beta1",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.4.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "a6600 r3303p18",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "project openssl 0.9.8q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "systems insight manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"_id": null,
"model": "9500e",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-493"
},
{
"_id": null,
"model": "msr20 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.2"
},
{
"_id": null,
"model": "switch series r1118p11",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5830"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.8"
},
{
"_id": null,
"model": "rational application developer for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0.1"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "tivoli workload scheduler for z/os connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.6"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.4.3.6"
},
{
"_id": null,
"model": "secblade iii",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "rational software architect realtime edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "flex system fc3171 8gb san switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.3"
},
{
"_id": null,
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-453"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gv200",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"_id": null,
"model": "sle client tools for x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.4"
},
{
"_id": null,
"model": "msr30 r2513p33",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "tivoli workload scheduler for z/os connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "msr50-g2 r2513p33",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-467"
},
{
"_id": null,
"model": "msr1000 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "vb",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "bladecenter -e",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1881"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.2"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "56001"
},
{
"_id": null,
"model": "ka",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "office connect pk",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "18100"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8v"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "project openssl 1.0.1f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "yb",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "f5000 f3210p22",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.4.1"
},
{
"_id": null,
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.3.1"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"_id": null,
"model": "upward integration modules scvmm add-in",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2"
},
{
"_id": null,
"model": "systems director common agent for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.5"
},
{
"_id": null,
"model": "project openssl 0.9.8g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "cms r17",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "flex system fc3171 8gb san switch and san pass-thru",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.5.03.00"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.41"
},
{
"_id": null,
"model": "aspera ondemand for google cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "0"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.8.2.0"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.3.21"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.0"
},
{
"_id": null,
"model": "aura utility services sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.4"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.0"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp04",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "hsr6602 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"_id": null,
"model": "aspera console",
"scope": "ne",
"trust": 0.3,
"vendor": "asperasoft",
"version": "2.5.3"
},
{
"_id": null,
"model": "insight control",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "e",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "mcp russian version r3303p18",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6600"
},
{
"_id": null,
"model": "cloudsystem matrix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "tivoli workload scheduler for applications fp02",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "ei switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "51200"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.2"
},
{
"_id": null,
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "bladecenter -s",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7779"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.3"
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.2.2"
},
{
"_id": null,
"model": "flex system fc3171 8gb san pass-thru",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2"
},
{
"_id": null,
"model": "msr50 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.2"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "hsr6800 r3303p18",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.3.20"
},
{
"_id": null,
"model": "msr3000",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "aspera faspex",
"scope": "ne",
"trust": 0.3,
"vendor": "asperasoft",
"version": "3.9"
},
{
"_id": null,
"model": "tivoli dynamic workload console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.40"
},
{
"_id": null,
"model": "msr2000 r0106p18",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "va",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.4.32"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "aspera ondemand for softlayer",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "storage provisioning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.4"
},
{
"_id": null,
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "125000"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.4"
},
{
"_id": null,
"model": "switch series r1809p03",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5800"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.0"
},
{
"_id": null,
"model": "aspera ondemand for azure",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "0"
},
{
"_id": null,
"model": "r2311p05",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5700"
},
{
"_id": null,
"model": "aspera shares",
"scope": "ne",
"trust": 0.3,
"vendor": "asperasoft",
"version": "1.9"
},
{
"_id": null,
"model": "hi switch series r5501p06",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5500"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.0"
},
{
"_id": null,
"model": "qradar risk manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.3"
},
{
"_id": null,
"model": "flex system fc3171 8gb san pass-thru",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "secblade iii r3820p03",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "msm",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6.46.4.2.1"
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.3.1"
},
{
"_id": null,
"model": "cloudsystem matrix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"_id": null,
"model": "aspera client",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "0"
},
{
"_id": null,
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "project openssl 0.9.8l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.1"
},
{
"_id": null,
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.3"
},
{
"_id": null,
"model": "flex system fc3171 8gb san pass-thru",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "hsr6800 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.20"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1"
},
{
"_id": null,
"model": "systems director common agent for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.4"
},
{
"_id": null,
"model": "aspera outlook plugin",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "0"
},
{
"_id": null,
"model": "project openssl 0.9.8zc",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "switch series (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10500v5)0"
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.1.0"
},
{
"_id": null,
"model": "r3303p18",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6602"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.5"
},
{
"_id": null,
"model": "image construction and composition tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.3.0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.3"
},
{
"_id": null,
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.2"
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.1.0"
},
{
"_id": null,
"model": "u200a and m",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.4.2.0"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.1"
},
{
"_id": null,
"model": "project openssl 1.0.0i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "56003"
},
{
"_id": null,
"model": "storage provisioning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.2"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.3.0.0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.1"
},
{
"_id": null,
"model": "msr20-1x r2513p33",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "r1105",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "1920"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.2.0"
},
{
"_id": null,
"model": "vcenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"_id": null,
"model": "r11xx",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "19100"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.3"
},
{
"_id": null,
"model": "systems director common agent for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.1"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.1.2"
},
{
"_id": null,
"model": "cognos planning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"_id": null,
"model": "tivoli workload scheduler for applications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "tivoli workload scheduler for z/os connector fp02",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.2"
},
{
"_id": null,
"model": "security virtual server protection for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "insight control server provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0"
},
{
"_id": null,
"model": "insight control server provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "project openssl 1.0.0e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"_id": null,
"model": "storage provisioning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "58000"
},
{
"_id": null,
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.5"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.4.1.0"
},
{
"_id": null,
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4"
},
{
"_id": null,
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "esxi",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"_id": null,
"model": "aspera shares",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "1.7.3"
},
{
"_id": null,
"model": "si switch series r2221p08",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5500"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1.2"
},
{
"_id": null,
"model": "aspera connect server",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "0"
},
{
"_id": null,
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.2"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"_id": null,
"model": "z/tpf",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.10"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.1"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8x"
},
{
"_id": null,
"model": "r2110p03",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "3100v2-48"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "storage provisioning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.3.2"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "ps110",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "upward integration modules hardware management pack",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.3"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.4.33"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.1"
},
{
"_id": null,
"model": "9500e r1828p06",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.4.3.0"
},
{
"_id": null,
"model": "upward integration modules integrated installer",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.3"
},
{
"_id": null,
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3"
},
{
"_id": null,
"model": "project openssl 0.9.8t",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "f5000-s r3811p03",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.3.1.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "a6600 russian version r3303p18",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.6"
},
{
"_id": null,
"model": "switch series (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10500v7)0"
},
{
"_id": null,
"model": "aspera faspex",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "3.7.5"
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.2.1"
},
{
"_id": null,
"model": "project openssl 1.0.0c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "qradar vulnerability manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.3"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.0"
},
{
"_id": null,
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "msr30-16 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "hsr6602",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "systems director common agent for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "cloudsystem matrix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.3"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.8.1.0"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.1"
},
{
"_id": null,
"model": "msr30-16 russian version 2513l40.ru",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "msr20-1x russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "ra",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "f5000-c r3811p03",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.4"
},
{
"_id": null,
"model": "si switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "55000"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.1"
},
{
"_id": null,
"model": "rf manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.9.0"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.6.0"
},
{
"_id": null,
"model": "cognos planning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"_id": null,
"model": "tivoli workload scheduler for z/os connector fp03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "project openssl 1.0.0f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "hsr6800",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "ei switch series r2221p08",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5120"
},
{
"_id": null,
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "tivoli management framework",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "cloudsystem matrix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.2"
},
{
"_id": null,
"model": "h.07",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "ssl for openvms",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-495"
},
{
"_id": null,
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.1.1"
},
{
"_id": null,
"model": "msr50 g2 russian version 2513l40.ru",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "sle client tools for s390x",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2.2"
},
{
"_id": null,
"model": "office connect pm",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "18100"
},
{
"_id": null,
"model": "project openssl 1.0.0j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "project openssl 1.0.0b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "36100"
},
{
"_id": null,
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "msr30-16",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "ya",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "switch series r2311p05",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5900"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3"
},
{
"_id": null,
"model": "bladecenter t advanced management module 32r0835",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "msm",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6.26.2.1.2"
},
{
"_id": null,
"model": "hi switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "55000"
},
{
"_id": null,
"model": "msr30-1x russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.3.0"
},
{
"_id": null,
"model": "msr30-1x",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "lotus protector for mail security",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.80"
},
{
"_id": null,
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-471"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "switch series r2110p03",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "3600v2"
},
{
"_id": null,
"model": "aura presence services sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "12500(comware r7328p04",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "v7)"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "aura presence services sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "aspera console",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "2.0.1"
},
{
"_id": null,
"model": "systems director common agent for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.3"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.3.2"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0"
},
{
"_id": null,
"model": "systems director common agent for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.4"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.5"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp07",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4"
},
{
"_id": null,
"model": "w",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.2"
},
{
"_id": null,
"model": "msr30 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "r15xx r1513p95",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "1910"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "lotus protector for mail security",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.8.1.0"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.7.0"
},
{
"_id": null,
"model": "msr4000 r0106p18",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "msr50 russian version 2513l40.ru",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"_id": null,
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "bladecenter -t",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8730"
},
{
"_id": null,
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3600v20"
},
{
"_id": null,
"model": "cloudbridge",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "msr30-1x r2513p33",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3100v20"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"_id": null,
"model": "pb",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
},
{
"_id": null,
"model": "tivoli workload scheduler for applications fp01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "msm",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6.56.5.1.0"
},
{
"_id": null,
"model": "msr50 r2513p33",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "aspera enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp02",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "project openssl 1.0.1d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "bladecenter -h",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7989"
},
{
"_id": null,
"model": "switch series r6708p10",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7500"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.10"
},
{
"_id": null,
"model": "g switch series r2221p08",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4800"
},
{
"_id": null,
"model": "flex system fc3171 8gb san switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2"
},
{
"_id": null,
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "f1000-e r3181p05",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "bladecenter -ht",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8740"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.5"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.1.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gv200",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"_id": null,
"model": "msr9xx r2513p33",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "mcp russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "66000"
},
{
"_id": null,
"model": "4510g switch series r2221p08",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "r11xx r1107",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "1910"
},
{
"_id": null,
"model": "wx5002/5004",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "msr30-16 r2513p33",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "cognos controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "msr30-1x russian version 2513l40.ru",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "cognos controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"_id": null,
"model": "aspera point to point",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "0"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "aspera console",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "2.3"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "msr50",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "aspera faspex",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "3.7.7"
},
{
"_id": null,
"model": "xcode",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "7.0"
},
{
"_id": null,
"model": "switch series r2111p06",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "11900"
},
{
"_id": null,
"model": "f1000-a r3734p06",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "security network intrusion prevention system gv200",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "hsr6602 russian version r3303p18",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10"
},
{
"_id": null,
"model": "aspera orchestrator",
"scope": "ne",
"trust": 0.3,
"vendor": "asperasoft",
"version": "2.10"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8300"
},
{
"_id": null,
"model": "flex system fc3171 8gb san switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "hsr6800 russian version r3303p18",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.1.3"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.4"
},
{
"_id": null,
"model": "systems director common agent for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.3"
},
{
"_id": null,
"model": "project openssl 1.0.0n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"_id": null,
"model": "insight control server provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.1"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.4.0"
},
{
"_id": null,
"model": "ei switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "51300"
},
{
"_id": null,
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "tivoli dynamic workload console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4"
},
{
"_id": null,
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "59200"
},
{
"_id": null,
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"_id": null,
"model": "y",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "u",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "insight control",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"_id": null,
"model": "4210g switch series r2221p08",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.4.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3.1"
},
{
"_id": null,
"model": "tivoli dynamic workload console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.4.34"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "aspera proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "0"
},
{
"_id": null,
"model": "l",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "server migration pack",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.2"
},
{
"_id": null,
"model": "4210g switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "m220",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "56002"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "insight control",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"_id": null,
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.5"
},
{
"_id": null,
"model": "cognos controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"_id": null,
"model": "f5000",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "aspera ondemand for amazon",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "0"
},
{
"_id": null,
"model": "virtual connect enterprise manager sdk",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.1"
},
{
"_id": null,
"model": "ei switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "55000"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.9"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "msm",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6.36.3.1.0"
},
{
"_id": null,
"model": "aura system manager sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "project openssl 0.9.8o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.2"
},
{
"_id": null,
"model": "server migration pack",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"_id": null,
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "project openssl 1.0.1b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.0k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "bladecenter -h",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1886"
},
{
"_id": null,
"model": "msr20-1x",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "aspera cargo",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "0"
},
{
"_id": null,
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "59000"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.3.0.5"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"_id": null,
"model": "msr2000",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "mcp",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "66000"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "125000"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "75000"
},
{
"_id": null,
"model": "qradar siem",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.3"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "19200"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "cognos controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"_id": null,
"model": "aura utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.1"
},
{
"_id": null,
"model": "bladecenter -e",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8677"
},
{
"_id": null,
"model": "si switch series r1513p95",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5120"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.2"
},
{
"_id": null,
"model": "cognos controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"_id": null,
"model": "systems director common agent for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.2"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.5"
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2.1"
},
{
"_id": null,
"model": "f",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "project openssl 0.9.8s",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx4002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "qradar risk manager mr2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "switch series r1005p15",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "12900"
},
{
"_id": null,
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.3.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "aura utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "office connect p",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "18100"
},
{
"_id": null,
"model": "aspera orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "asperasoft",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "r2507p34",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6000"
},
{
"_id": null,
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"_id": null,
"model": "netscaler service delivery appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "f1000-s r3734p06",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"_id": null,
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "msr50 g2 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.1"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "manager for sle sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "111.7"
},
{
"_id": null,
"model": "studio onsite",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "1.3"
},
{
"_id": null,
"model": "msr20-1x russian version 2513l40.ru",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "cloudsystem matrix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "secblade ssl vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "66020"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.7"
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.0"
},
{
"_id": null,
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp04",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "66020"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "60000"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.0"
},
{
"_id": null,
"model": "office connect pl",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "18100"
},
{
"_id": null,
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "msr20 russian version 2513l40.ru",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "secblade fw",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "u200a and m f5123p30",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"_id": null,
"model": "t",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "switch series (comware r1208p10",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "10500v5)"
},
{
"_id": null,
"model": "4510g switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "vsr1000 r0204p01",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "switch series r2311p05",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5920"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.4"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.4"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.4"
},
{
"_id": null,
"model": "storage provisioning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.3"
},
{
"_id": null,
"model": "security virtual server protection for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1"
},
{
"_id": null,
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-476"
},
{
"_id": null,
"model": "systems director common agent for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.2"
},
{
"_id": null,
"model": "project openssl 0.9.8u",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.3"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.1"
},
{
"_id": null,
"model": "ei switch series r3108p03",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5130"
},
{
"_id": null,
"model": "project openssl 1.0.1h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0"
}
],
"sources": [
{
"db": "BID",
"id": "70585"
},
{
"db": "NVD",
"id": "CVE-2014-3513"
}
]
},
"credits": {
"_id": null,
"data": "HP",
"sources": [
{
"db": "PACKETSTORM",
"id": "131306"
},
{
"db": "PACKETSTORM",
"id": "129932"
},
{
"db": "PACKETSTORM",
"id": "132085"
},
{
"db": "PACKETSTORM",
"id": "137292"
},
{
"db": "PACKETSTORM",
"id": "132081"
}
],
"trust": 0.5
},
"cve": "CVE-2014-3513",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2014-3513",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.1,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-3513",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2014-3513",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-3513"
},
{
"db": "NVD",
"id": "CVE-2014-3513"
}
]
},
"description": {
"_id": null,
"data": "Memory leak in d1_srtp.c in the DTLS SRTP extension in OpenSSL 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted handshake message. OpenSSL is prone to a security-bypass vulnerability. \nSuccessfully exploiting this issue will allow attackers to bypass security restrictions and perform unauthorized actions. This could be\nexploited in a Denial Of Service attack. This issue affects OpenSSL\n1.0.1 server implementations for both SSL/TLS and DTLS regardless of\nwhether SRTP is used or configured. Implementations of OpenSSL that\nhave been compiled with OPENSSL_NO_SRTP defined are not affected. \n\nOpenSSL 1.0.1 users should upgrade to 1.0.1j. \n\nThis issue was reported to OpenSSL on 26th September 2014, based on an original\nissue and patch developed by the LibreSSL project. Further analysis of the issue\nwas performed by the OpenSSL team. \n\nThe fix was developed by the OpenSSL team. \n\n\nSession Ticket Memory Leak (CVE-2014-3567)\n==========================================\n\nSeverity: Medium\n\nWhen an OpenSSL SSL/TLS/DTLS server receives a session ticket the\nintegrity of that ticket is first verified. In the event of a session\nticket integrity check failing, OpenSSL will fail to free memory\ncausing a memory leak. By sending a large number of invalid session\ntickets an attacker could exploit this issue in a Denial Of Service\nattack. \n\nOpenSSL 1.0.1 users should upgrade to 1.0.1j. \nOpenSSL 1.0.0 users should upgrade to 1.0.0o. \nOpenSSL 0.9.8 users should upgrade to 0.9.8zc. \n\nThis issue was reported to OpenSSL on 8th October 2014. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team. \n\n\nSSL 3.0 Fallback protection\n===========================\n\nSeverity: Medium\n\nOpenSSL has added support for TLS_FALLBACK_SCSV to allow applications\nto block the ability for a MITM attacker to force a protocol\ndowngrade. \n\nSome client applications (such as browsers) will reconnect using a\ndowngraded protocol to work around interoperability bugs in older\nservers. This could be exploited by an active man-in-the-middle to\ndowngrade connections to SSL 3.0 even if both sides of the connection\nsupport higher protocols. SSL 3.0 contains a number of weaknesses\nincluding POODLE (CVE-2014-3566). \n\nOpenSSL 1.0.1 users should upgrade to 1.0.1j. \nOpenSSL 1.0.0 users should upgrade to 1.0.0o. \nOpenSSL 0.9.8 users should upgrade to 0.9.8zc. \n\nhttps://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00\nhttps://www.openssl.org/~bodo/ssl-poodle.pdf\n\nSupport for TLS_FALLBACK_SCSV was developed by Adam Langley and Bodo Moeller. \n\n\nBuild option no-ssl3 is incomplete (CVE-2014-3568)\n==================================================\n\nSeverity: Low\n\nWhen OpenSSL is configured with \"no-ssl3\" as a build option, servers\ncould accept and complete a SSL 3.0 handshake, and clients could be\nconfigured to send them. \n\nOpenSSL 1.0.1 users should upgrade to 1.0.1j. \nOpenSSL 1.0.0 users should upgrade to 1.0.0o. \nOpenSSL 0.9.8 users should upgrade to 0.9.8zc. \n\nThis issue was reported to OpenSSL by Akamai Technologies on 14th October 2014. \n\nThe fix was developed by Akamai and the OpenSSL team. \n\n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv_20141015.txt\n\nNote: the online version of the advisory may be updated with additional\ndetails over time. \n\nFor details of OpenSSL severity classifications please see:\nhttps://www.openssl.org/about/secpolicy.html\n\n. \nHP BladeSystem c-Class Onboard Administrator (OA) 4.30 and earlier. \n\nGo to\nhttp://www.hp.com/go/oa\n\nSelect \"Onboard Administrator Firmware\"\nSelect product name as \"\"HP BLc3000 Onboard Administrator Option\" or \"HP\nBLc7000 Onboard Administrator Option\"\nSelect the operating system from the list of choices\nSelect Firmware version 4.40 for download\nRefer to the HP BladeSystem Onboard Administrator User Guide for steps to\nupdate the Onboard Administrator firmware. \n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n+--------------------------+\npatches/packages/openssl-solibs-1.0.1j-i486-1_slack14.1.txz: Upgraded. \n (* Security fix *)\npatches/packages/openssl-1.0.1j-i486-1_slack14.1.txz: Upgraded. \n For more information, see:\n https://www.openssl.org/news/secadv_20141015.txt\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568\n (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated packages for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-0.9.8zc-i486-1_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-solibs-0.9.8zc-i486-1_slack13.0.txz\n\nUpdated packages for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-0.9.8zc-x86_64-1_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-solibs-0.9.8zc-x86_64-1_slack13.0.txz\n\nUpdated packages for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-0.9.8zc-i486-1_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-solibs-0.9.8zc-i486-1_slack13.1.txz\n\nUpdated packages for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-0.9.8zc-x86_64-1_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-solibs-0.9.8zc-x86_64-1_slack13.1.txz\n\nUpdated packages for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-0.9.8zc-i486-1_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-solibs-0.9.8zc-i486-1_slack13.37.txz\n\nUpdated packages for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-0.9.8zc-x86_64-1_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-solibs-0.9.8zc-x86_64-1_slack13.37.txz\n\nUpdated packages for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1j-i486-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1j-i486-1_slack14.0.txz\n\nUpdated packages for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1j-x86_64-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1j-x86_64-1_slack14.0.txz\n\nUpdated packages for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1j-i486-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1j-i486-1_slack14.1.txz\n\nUpdated packages for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1j-x86_64-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1j-x86_64-1_slack14.1.txz\n\nUpdated packages for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.1j-i486-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.1j-i486-1.txz\n\nUpdated packages for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.1j-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.1j-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 13.0 packages:\n44d336a121b39296f0e6bbeeb283dd2b openssl-0.9.8zc-i486-1_slack13.0.txz\n8342cfb351e59ecf5ea6d8cba66f0040 openssl-solibs-0.9.8zc-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 packages:\n671f12535bdc10ab24388b713351aca2 openssl-0.9.8zc-x86_64-1_slack13.0.txz\n21e380284cdfab2fd15fffe2e0aed526 openssl-solibs-0.9.8zc-x86_64-1_slack13.0.txz\n\nSlackware 13.1 packages:\n64cb819f1e07522bd5d7ceedd0a9ab50 openssl-0.9.8zc-i486-1_slack13.1.txz\n5fe4e385b2251cfd7e8ae5963ec6cef1 openssl-solibs-0.9.8zc-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 packages:\n94feb6699d6f2cc7750a6b2e17ccaaa2 openssl-0.9.8zc-x86_64-1_slack13.1.txz\n2c17e4286509c29074ab0168367b851e openssl-solibs-0.9.8zc-x86_64-1_slack13.1.txz\n\nSlackware 13.37 packages:\n4483d91c776c7e23c59246c4e0aa24aa openssl-0.9.8zc-i486-1_slack13.37.txz\nfedd58eb19bc13c9dd88d947827a7370 openssl-solibs-0.9.8zc-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 packages:\n5d48ac1e9339efc35e304c7d48b2e762 openssl-0.9.8zc-x86_64-1_slack13.37.txz\n6f5e2b576259477c13f12cbed9be8804 openssl-solibs-0.9.8zc-x86_64-1_slack13.37.txz\n\nSlackware 14.0 packages:\n2b678160283bc696565dc8bd8b28c0eb openssl-1.0.1j-i486-1_slack14.0.txz\nf7762615c990713e9e86d4da962f1022 openssl-solibs-1.0.1j-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 packages:\n41010ca37d49b74e7d7dc3f1c6ddc57e openssl-1.0.1j-x86_64-1_slack14.0.txz\n40dc6f3de217279d6140c1efcc0d45c8 openssl-solibs-1.0.1j-x86_64-1_slack14.0.txz\n\nSlackware 14.1 packages:\n024ecea55e22e47f9fbb4b81a7b72a51 openssl-1.0.1j-i486-1_slack14.1.txz\n0a575668bb41ec4c2160800611f7f627 openssl-solibs-1.0.1j-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 packages:\nd07fe289f7998a584c2b0d9810a8b9aa openssl-1.0.1j-x86_64-1_slack14.1.txz\n1ffc5d0c02b0c60cefa5cf9189bfc71d openssl-solibs-1.0.1j-x86_64-1_slack14.1.txz\n\nSlackware -current packages:\n53c9f51a79460bbfc5dec5720317cd53 a/openssl-solibs-1.0.1j-i486-1.txz\ncc059aa63494f3b005a886c70bc3f5d6 n/openssl-1.0.1j-i486-1.txz\n\nSlackware x86_64 -current packages:\n500709555e652adcd84b4e02dfab4eeb a/openssl-solibs-1.0.1j-x86_64-1.txz\nc483ca9c450fa90a901ac013276ccc53 n/openssl-1.0.1j-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the packages as root:\n# upgradepkg openssl-1.0.1j-i486-1_slack14.1.txz openssl-solibs-1.0.1j-i486-1_slack14.1.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c04540692\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c04540692\nVersion: 1\n\nHPSBGN03233 rev.1 - HP OneView running OpenSSL, Remote Denial of Service\n(DoS), Unauthorized Access, and Disclosure of Information\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2015-01-13\nLast Updated: 2015-01-13\n\nPotential Security Impact: Remote Denial of Service (DoS), unauthorized\naccess, disclosure of information\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP OneView\nrunning OpenSSL and Bash Shell. These vulnerabilities (POODLE and Shellshock)\ncould be exploited remotely to create a Denial of Service (DoS), allow\nunauthorized access, or disclose information. \n\nReferences:\n\nCVE-2014-3513\nCVE-2014-3566\nCVE-2014-3567\nCVE-2014-6271\nCVE-2014-6277\nCVE-2014-6278\nCVE-2014-7169\nCVE-2014-7186\nCVE-2014-7187\nSSRT101739\nSSRT101868\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP OneView versions prior to 1.20\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2014-3513 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1\nCVE-2014-3566 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2014-3567 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1\nCVE-2014-6271 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2014-6277 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2014-6278 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2014-7169 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2014-7186 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2014-7187 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has released the following software update to resolve the vulnerabilities\nin HP OneView. \n\nExisting users may upgrade to HP OneView version 1.20 using the Update\nAppliance feature in HP OneView. \n\nHP OneView version 1.20 is available from the following location:\n\nhttps://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber\n=Z7550-63180\n\nNote: The upgrade (.bin) or a new install (.ova) is also available:\n\nAn HP Passport login is required. \n\nGo to the HP Software Depot site at http://www.software.hp.com and search for\nHP OneView. \n\nHISTORY\nVersion:1 (rev.1) - 13 January 2015 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2015 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: openssl security update\nAdvisory ID: RHSA-2014:1692-01\nProduct: Red Hat Storage\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2014-1692.html\nIssue date: 2014-10-22\nCVE Names: CVE-2014-3513 CVE-2014-3567 \n=====================================================================\n\n1. Summary:\n\nUpdated openssl packages that contain a backported patch to mitigate the\nCVE-2014-3566 issue and fix two security issues are now available for Red\nHat Storage 2.1. \n\nRed Hat Product Security has rated this update as having Important security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Storage Server 2.1 - x86_64\n\n3. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL),\nTransport Layer Security (TLS), and Datagram Transport Layer Security\n(DTLS) protocols, as well as a full-strength, general purpose cryptography\nlibrary. \n\nThis update adds support for the TLS Fallback Signaling Cipher Suite Value\n(TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade\nattacks against applications which re-connect using a lower SSL/TLS\nprotocol version when the initial connection indicating the highest\nsupported protocol version fails. \n\nThis can prevent a forceful downgrade of the communication to SSL 3.0. \nThe SSL 3.0 protocol was found to be vulnerable to the padding oracle\nattack when using block cipher suites in cipher block chaining (CBC) mode. \nThis issue is identified as CVE-2014-3566, and also known under the alias\nPOODLE. This SSL 3.0 protocol flaw will not be addressed in a future\nupdate; it is recommended that users configure their applications to\nrequire at least TLS protocol version 1.0 for secure communication. \n\nFor additional information about this flaw, see the Knowledgebase article\nat https://access.redhat.com/articles/1232123\n\nA memory leak flaw was found in the way OpenSSL parsed the DTLS Secure\nReal-time Transport Protocol (SRTP) extension data. (CVE-2014-3567)\n\nAll OpenSSL users are advised to upgrade to these updated packages, which\ncontain backported patches to mitigate the CVE-2014-3566 issue and correct\nthe CVE-2014-3513 and CVE-2014-3567 issues. For the update to take effect,\nall services linked to the OpenSSL library (such as httpd and other\nSSL-enabled services) must be restarted or the system rebooted. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258\n\n5. Package List:\n\nRed Hat Storage Server 2.1:\n\nSource:\nopenssl-1.0.1e-30.el6_6.2.src.rpm\n\nx86_64:\nopenssl-1.0.1e-30.el6_6.2.x86_64.rpm\nopenssl-debuginfo-1.0.1e-30.el6_6.2.x86_64.rpm\nopenssl-devel-1.0.1e-30.el6_6.2.x86_64.rpm\nopenssl-perl-1.0.1e-30.el6_6.2.x86_64.rpm\nopenssl-static-1.0.1e-30.el6_6.2.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2014-3513\nhttps://access.redhat.com/security/cve/CVE-2014-3567\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/articles/1232123\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2014 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFUR/NUXlSAg2UNWIIRAlZHAJwPwsoiJDn5RhI6U8eFkIzxyQopkQCePynp\nRpfQCptdJIpd6WXO7pw1vVo=\n=T20t\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-3513"
},
{
"db": "BID",
"id": "70585"
},
{
"db": "VULMON",
"id": "CVE-2014-3513"
},
{
"db": "PACKETSTORM",
"id": "169664"
},
{
"db": "PACKETSTORM",
"id": "131306"
},
{
"db": "PACKETSTORM",
"id": "128704"
},
{
"db": "PACKETSTORM",
"id": "129932"
},
{
"db": "PACKETSTORM",
"id": "132085"
},
{
"db": "PACKETSTORM",
"id": "137292"
},
{
"db": "PACKETSTORM",
"id": "132081"
},
{
"db": "PACKETSTORM",
"id": "128793"
}
],
"trust": 1.98
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2014-3513",
"trust": 2.2
},
{
"db": "SECUNIA",
"id": "61439",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61058",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61207",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61837",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "62070",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61298",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61990",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61073",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59627",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61959",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1031052",
"trust": 1.1
},
{
"db": "BID",
"id": "70584",
"trust": 1.1
},
{
"db": "MCAFEE",
"id": "SB10091",
"trust": 1.1
},
{
"db": "BID",
"id": "70585",
"trust": 0.3
},
{
"db": "VULMON",
"id": "CVE-2014-3513",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169664",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131306",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128704",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129932",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132085",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "137292",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132081",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128793",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-3513"
},
{
"db": "BID",
"id": "70585"
},
{
"db": "PACKETSTORM",
"id": "169664"
},
{
"db": "PACKETSTORM",
"id": "131306"
},
{
"db": "PACKETSTORM",
"id": "128704"
},
{
"db": "PACKETSTORM",
"id": "129932"
},
{
"db": "PACKETSTORM",
"id": "132085"
},
{
"db": "PACKETSTORM",
"id": "137292"
},
{
"db": "PACKETSTORM",
"id": "132081"
},
{
"db": "PACKETSTORM",
"id": "128793"
},
{
"db": "NVD",
"id": "CVE-2014-3513"
}
]
},
"id": "VAR-201410-0371",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.395238084
},
"last_update_date": "2026-04-10T22:25:18.596000Z",
"patch": {
"_id": null,
"data": [
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2014/10/15/openssl_ddos_vulns/"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2385-1"
},
{
"title": "Red Hat: CVE-2014-3513",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2014-3513"
},
{
"title": "Debian Security Advisories: DSA-3053-1 openssl -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=89bdef3607a7448566a930eca0e94cb3"
},
{
"title": "Amazon Linux AMI: ALAS-2014-427",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2014-427"
},
{
"title": "Symantec Security Advisories: SA87 : OpenSSL Security Advisory 15-Oct-2014",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=374cff59719675d8235f907c21b99bfc"
},
{
"title": "Tenable Security Advisories: [R7] OpenSSL \u002720141015\u0027 Advisory Affects Tenable Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=TNS-2014-11"
},
{
"title": "IBM: IBM Security Bulletin: Fabric OS firmware for Brocade 8Gb SAN Switch Module for BladeCenter is affected by vulnerabilities in OpenSSL and OpenSSH",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=b7f5b1e7edcafce07f28205855d4db49"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-3513"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-20",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-3513"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 1.6,
"url": "https://www.openssl.org/news/secadv_20141015.txt"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686997"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2014-1692.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2014-1652.html"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2014/dsa-3053"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-2385-1"
},
{
"trust": 1.1,
"url": "http://advisories.mageia.org/mgasa-2014-0416.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59627"
},
{
"trust": 1.1,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61298"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61959"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61439"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61073"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/70584"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/62070"
},
{
"trust": 1.1,
"url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031052"
},
{
"trust": 1.1,
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/700/sol15722.html"
},
{
"trust": 1.1,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2014-015.txt.asc"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61207"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61058"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61990"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61837"
},
{
"trust": 1.1,
"url": "http://security.gentoo.org/glsa/glsa-201412-39.xml"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=142624590206005\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:062"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=142791032306609\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=142834685803386\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=142804214608580\u0026w=2"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce/2015/sep/msg00002.html"
},
{
"trust": 1.1,
"url": "https://support.apple.com/ht205217"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05150888"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05158380"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=143290583027876\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=143290437727362\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=143290522027658\u0026w=2"
},
{
"trust": 1.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10091"
},
{
"trust": 1.1,
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3ba=commit%3bh=2b0532f3984324ebe1236a63d15893792384328d"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3567"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3513"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3568"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3566"
},
{
"trust": 0.4,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.4,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.4,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.3,
"url": "http://www.openssl.org"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21691210"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04574073"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/feb/151"
},
{
"trust": 0.3,
"url": "http://support.citrix.com/article/ctx216642"
},
{
"trust": 0.3,
"url": "https://www.freebsd.org/security/advisories/freebsd-sa-14:23.openssl.asc"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04492722"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04616259"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04624296"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05150888"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05158380"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04533567 "
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04533567 "
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21686792"
},
{
"trust": 0.3,
"url": "https://support.asperasoft.com/entries/103000206-security-advisory-cve-2014-3513-cve-2014-3566-poodle-cve-2014-3567-cve-2014-3568"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097074"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21884030"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959134"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21691005"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21688284"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21697995"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21697165"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21689482"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097375"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5098265"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1021548"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097587"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21701452"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5098105"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693662"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21689347"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097867"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5098586"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097807"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21689743"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020593"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21689332"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21691140"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688762"
},
{
"trust": 0.3,
"url": "http://seclists.org/fulldisclosure/2015/jan/108"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/101009000"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699200"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21700489"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687863"
},
{
"trust": 0.3,
"url": "www-01.ibm.com/support/docview.wss?uid=ssg1s1005003"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3508"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3509"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3511"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2014-3513"
},
{
"trust": 0.2,
"url": "https://h20392.www2.hp.com/portal/swdepot/displayproductinfo.do?productnumber"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-5139"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2385-1/"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/~bodo/ssl-poodle.pdf"
},
{
"trust": 0.1,
"url": "https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/about/secpolicy.html"
},
{
"trust": 0.1,
"url": "http://www.hp.com/go/oa"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3513"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3567"
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3568"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3566"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "http://www.software.hp.com"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-7186"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-7169"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6271"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6277"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-7187"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6278"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7995"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6750"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1790"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8035"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0705"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1788"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1792"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.1,
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05131085"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0799"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_n"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3237"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1789"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1791"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2015"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0728"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7501"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2017"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7547"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_"
},
{
"trust": 0.1,
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05111017"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-4969"
},
{
"trust": 0.1,
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05131044"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6565"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0205"
},
{
"trust": 0.1,
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05130958"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3569"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/info/insightcontrol"
},
{
"trust": 0.1,
"url": "http://h18013.www1.hp.com/products/servers/management/hpsim/download.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-3567"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/1232123"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-3513"
},
{
"db": "BID",
"id": "70585"
},
{
"db": "PACKETSTORM",
"id": "169664"
},
{
"db": "PACKETSTORM",
"id": "131306"
},
{
"db": "PACKETSTORM",
"id": "128704"
},
{
"db": "PACKETSTORM",
"id": "129932"
},
{
"db": "PACKETSTORM",
"id": "132085"
},
{
"db": "PACKETSTORM",
"id": "137292"
},
{
"db": "PACKETSTORM",
"id": "132081"
},
{
"db": "PACKETSTORM",
"id": "128793"
},
{
"db": "NVD",
"id": "CVE-2014-3513"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULMON",
"id": "CVE-2014-3513",
"ident": null
},
{
"db": "BID",
"id": "70585",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "169664",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "131306",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "128704",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "129932",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132085",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "137292",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132081",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "128793",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2014-3513",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2014-10-19T00:00:00",
"db": "VULMON",
"id": "CVE-2014-3513",
"ident": null
},
{
"date": "2014-10-15T00:00:00",
"db": "BID",
"id": "70585",
"ident": null
},
{
"date": "2014-10-15T12:12:12",
"db": "PACKETSTORM",
"id": "169664",
"ident": null
},
{
"date": "2015-04-06T19:11:05",
"db": "PACKETSTORM",
"id": "131306",
"ident": null
},
{
"date": "2014-10-17T00:03:05",
"db": "PACKETSTORM",
"id": "128704",
"ident": null
},
{
"date": "2015-01-14T03:51:42",
"db": "PACKETSTORM",
"id": "129932",
"ident": null
},
{
"date": "2015-05-29T23:37:43",
"db": "PACKETSTORM",
"id": "132085",
"ident": null
},
{
"date": "2016-06-02T19:12:12",
"db": "PACKETSTORM",
"id": "137292",
"ident": null
},
{
"date": "2015-05-29T23:37:11",
"db": "PACKETSTORM",
"id": "132081",
"ident": null
},
{
"date": "2014-10-22T18:52:41",
"db": "PACKETSTORM",
"id": "128793",
"ident": null
},
{
"date": "2014-10-19T01:55:13.887000",
"db": "NVD",
"id": "CVE-2014-3513",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2014-3513",
"ident": null
},
{
"date": "2016-09-09T15:00:00",
"db": "BID",
"id": "70585",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2014-3513",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "network",
"sources": [
{
"db": "BID",
"id": "70585"
}
],
"trust": 0.3
},
"title": {
"_id": null,
"data": "OpenSSL \u0027no-ssl3\u0027 Build Option Security Bypass Vulnerability",
"sources": [
{
"db": "BID",
"id": "70585"
}
],
"trust": 0.3
},
"type": {
"_id": null,
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "70585"
}
],
"trust": 0.3
}
}